CVE-2022-29058

Name of the Vulnerable Software and Affected Versions FortiAP versions 5.4.0 through 6.2.3 FortiAP versions 6.0.0 through 6.4.7 FortiAP versions 7.0.0 through 7.0.3 FortiAP version 7.2.0 FortiAP-S versions 6.0.0 through 6.4.7 FortiAP-W2 versions 6.0.0 through 6.4.7 FortiAP-W2 versions 7.0.0 through 7.0.3 FortiAP-W2 version 7.2.0 FortiAP-U versions 5.4.0 through 6.2.3

Description The issue is related to an improper neutralization of special elements used in an OS command, which may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to existing commands.

Recommendations For FortiAP versions 5.4.0 through 6.2.3, update to a version outside of this range to resolve the issue. For FortiAP versions 6.0.0 through 6.4.7, update to a version outside of this range to resolve the issue. For FortiAP versions 7.0.0 through 7.0.3, update to a version outside of this range to resolve the issue. For FortiAP version 7.2.0, update to a version outside of this range to resolve the issue. For FortiAP-S versions 6.0.0 through 6.4.7, update to a version outside of this range to resolve the issue. For FortiAP-W2 versions 6.0.0 through 6.4.7, update to a version outside of this range to resolve the issue. For FortiAP-W2 versions 7.0.0 through 7.0.3, update to a version outside of this range to resolve the issue. For FortiAP-W2 version 7.2.0, update to a version outside of this range to resolve the issue. For FortiAP-U versions 5.4.0 through 6.2.3, update to a version outside of this range to resolve the issue.