CVE-2022-29058 Information

Description

An improper neutralization of special elements [CWE-89] used in an OS command vulnerability [CWE-78] in the command line interpreter of FortiAP 6.0.0 through 6.4.7 7.0.0 through 7.0.3 7.2.0 FortiAP-S 6.0.0 through 6.4.7 FortiAP-W2 6.0.0 through 6.4.7 7.0.0 through 7.0.3 7.2.0 and FortiAP-U 5.4.0 through 6.2.3 may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to existing commands.

Reference

https://fortiguard.com/psirt/FG-IR-21-163