CVE-2021-24023

Summary

An improper input validation in FortiAI v1.4.0 and earlier may allow an authenticated user to gain system shell access via a malicious payload in the "diagnose" command.

Affected Software

VendorProductVersion RangeStatus
FortinetFortinet FortiAIFortiAI 1.4.0 and earlieraffected

Weaknesses

  • Execute unauthorized code or commands

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References