PT-2025-15431 · Fortinet · FortiIsolator CLI

Published: 2025-04-08 · Updated: 2025-07-23 · CVE-2024-54025

CVSS v2.0: 6.8 (Medium)

Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: Fortinet FortiIsolator CLI versions prior to 2.4.6
Description: The issue is an improper neutralization of special elements used in an OS command ('OS Command Injection'), which allows a privileged attacker to execute unauthorized code or commands via crafted CLI requests.
Recommendations: For versions prior to 2.4.6, update to version 2.4.6 or later to resolve the issue. As a temporary workaround, consider restricting access to the CLI to minimize the risk of exploitation.

Fix

OS Command Injection

Weakness Enumeration

Related Identifiers

BDU:2025-09927
CVE-2024-54025

Affected Products

FortiIsolator CLI