Command Injection Vulnerability in Fortinet FortiExtender Versions 7.0.1 and below, 4.2.3 and below, 4.1.7 and below

Command Injection Vulnerability in Fortinet FortiExtender Versions 7.0.1 and below, 4.2.3 and below, 4.1.7 and below

CVE-2021-41016 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

A improper neutralization of special elements used in a command ('command injection') in Fortinet FortiExtender version 7.0.1 and below, 4.2.3 and below, 4.1.7 and below allows an authenticated attacker to execute privileged shell commands via CLI commands including special characters

Learn more about our Cis Benchmark Audit For Fortinet.