Command injection vulnerabilities in CLI commands
Summary
Multiple improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerabilities [CWE-78] in FortiADC & FortiADC Manager may allow a local authenticated attacker to execute arbitrary shell code as the root user via crafted CLI requests.
Affected Products
FortiADC version 7.2.0
FortiADC version 7.1.0 through 7.1.2
FortiADC 7.0 all versions
FortiADC 6.2 all versions
FortiADC 6.1 all versions
FortiADC 6.0 all versions
FortiADC 5.4 all versions
FortiADC 5.3 all versions
FortiADC 5.2 all versions
At least
FortiADCManager 7.2 all versions are not affected
FortiADCManager version 7.1.0
FortiADCManager version 7.0.0
FortiADCManager 6.2 all versions
FortiADCManager 6.1 all versions
FortiADCManager 6.0 all versions
FortiADCManager 5.4 all versions
FortiADCManager 5.3 all versions
FortiADCManager 5.2 all versions
Solutions
Please upgrade to FortiADC version 7.2.1 or above
Please upgrade to FortiADC version 7.1.3 or above
Please upgrade to FortiADCManager version 7.2.0 or above
Please upgrade to FortiADCManager version 7.1.1 or above
Please upgrade to FortiADCManager version 7.0.1 or above