CVE-2023-27999

Name of the Vulnerable Software and Affected Versions FortiADC versions 7.1.0 through 7.2.0

Description The issue is related to an improper neutralization of special elements used in an OS command, which may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to existing commands.

Recommendations For FortiADC versions 7.1.0 through 7.1.1, consider restricting access to existing commands to minimize the risk of exploitation. For FortiADC version 7.2.0, consider disabling the use of special elements in OS commands until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.