CVE-2021-26116

Name of the Vulnerable Software and Affected Versions FortiAuthenticator versions prior to 6.3.1

Description The issue is related to an improper neutralization of special elements used in an OS command vulnerability in the command line interpreter. This may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to existing commands.

Recommendations For FortiAuthenticator versions prior to 6.3.1, update to version 6.3.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the command line interpreter to minimize the risk of exploitation.