A external control of file name or path in Fortinet FortiNAC versions 9.4.0, 9.2.0 through 9.2.5, 9.1.0 through 9.1.7, 8.8.0 through 8.8.11, 8.7.0 through 8.7.6, 8.6.0 through 8.6.5, 8.5.0 through 8.5.4, 8.3.7 may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP request.
References
Link | Resource |
---|---|
https://fortiguard.com/psirt/FG-IR-22-300 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: fortinet
Published: 2023-02-16T18:06:55.108Z
Updated: 2023-02-16T18:06:55.108Z
Reserved: 2022-09-05T13:11:35.553Z
Link: CVE-2022-39952
JSON object: View
NVD Information
Status : Modified
Published: 2023-02-16T19:15:13.060
Modified: 2023-11-07T03:50:41.250
Link: CVE-2022-39952
JSON object: View
Redhat Information
No data.