FortiWeb - OS command injection vulnerability
Summary
An OS command injection vulnerability in FortiWeb's management interface may allow a remote authenticated attacker to execute arbitrary commands on the system via the SAML server configuration page.
Affected Products
FortiWeb versions 6.3.7 and below. FortiWeb versions 6.2.3 and below. FortiWeb versions 6.1.x, 6.0.x, 5.9.x.Solutions
Please upgrade to FortiWeb versions 6.3.8 or above. Please upgrade to FortiWeb versions 6.2.4 or above.