by CIRT Team
Multiple Vulnerabilities in Fortinet FortiWeb Could Allow for Arbitrary Code Execution
DESCRIPTIONMultiple vulnerabilities have been discovered in Fortinet FortiWeb, the most severe of which could allow for arbitrary code execution within the context of a privileged process. Details of these vulnerabilities are as follows: * A blind SQL injection in the user interface of FortiWeb may allow an unauthenticated, remote attacker to execute arbitrary SQL queries or commands by sending a request with a crafted...
Read More