CVE-2023-40716
EUVD-2023-4527013.12.2023, 07:15
An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in the command line interpreter of FortiTester 2.3.0 through 7.2.3 may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments when running execute restore/backup .
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| fortinet | fortitester | 2.3.0 |
| fortinet | fortitester | 2.4.0 |
| fortinet | fortitester | 2.4.1 |
| fortinet | fortitester | 2.5.0 |
| fortinet | fortitester | 2.6.0 |
| fortinet | fortitester | 2.7.0 |
| fortinet | fortitester | 2.8.0 |
| fortinet | fortitester | 2.9.0 |
| fortinet | fortitester | 3.0.0 |
| fortinet | fortitester | 3.1.0 |
| fortinet | fortitester | 3.2.0 |
| fortinet | fortitester | 3.3.0 |
| fortinet | fortitester | 3.3.1 |
| fortinet | fortitester | 3.4.0 |
| fortinet | fortitester | 3.5.0 |
| fortinet | fortitester | 3.5.1 |
| fortinet | fortitester | 3.6.0 |
| fortinet | fortitester | 3.7.0 |
| fortinet | fortitester | 3.7.1 |
| fortinet | fortitester | 3.8.0 |
| fortinet | fortitester | 3.9.0 |
| fortinet | fortitester | 3.9.1 |
| fortinet | fortitester | 3.9.2 |
| fortinet | fortitester | 4.0.0 |
| fortinet | fortitester | 4.1.0 |
| fortinet | fortitester | 4.1.1 |
| fortinet | fortitester | 4.2.0 |
| fortinet | fortitester | 4.2.1 |
| fortinet | fortitester | 7.0.0 |
| fortinet | fortitester | 7.1.0 |
| fortinet | fortitester | 7.1.1 |
| fortinet | fortitester | 7.2.0 |
| fortinet | fortitester | 7.2.1 |
| fortinet | fortitester | 7.2.2 |
| fortinet | fortitester | 7.2.3 |
𝑥
= Vulnerable software versions