Command Injection Vulnerability in Fortinet FortiExtender Versions 7.0.1 and below, 4.2.3 and below, 4.1.7 and below
CVE-2021-41016 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
A improper neutralization of special elements used in a command ('command injection') in Fortinet FortiExtender version 7.0.1 and below, 4.2.3 and below, 4.1.7 and below allows an authenticated attacker to execute privileged shell commands via CLI commands including special characters
Learn more about our Cis Benchmark Audit For Fortinet.