CVE-2022-38381

Name of the Vulnerable Software and Affected Versions FortiADC versions 5.0 through 7.0.2

Description An improper handling of malformed request vulnerability exists in FortiADC, allowing a remote attacker without privileges to bypass some Web Application Firewall (WAF) protection, such as the SQL Injection and XSS filters, via a malformed HTTP request.

Recommendations For FortiADC versions 5.0 through 7.0.2, update to a version that includes the fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.