Loading HuntDB...

GHSA-6gxf-4w6m-j956

GitHub Security Advisory

⚠ Unreviewed CRITICAL Has CVE

Advisory Details

An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiSIEM version 7.3.0 through 7.3.1, 7.2.0 through 7.2.5, 7.1.0 through 7.1.7, 7.0.0 through 7.0.3 and before 6.7.9 allows an unauthenticated attacker to execute unauthorized code or commands via crafted CLI requests.

Related CVEs

Key Information

GHSA ID
GHSA-6gxf-4w6m-j956
Published
August 12, 2025 9:31 PM
Last Modified
August 15, 2025 6:31 PM
CVSS Score
9.0 /10
Primary Ecosystem
Unknown
Primary Package
Unknown
GitHub Reviewed
✗ No

Dataset

Last updated: August 23, 2025 6:28 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.