CVE-2023-28000 Information

Description

An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in FortiADC CLI 7.1.0 7.0.0 through 7.0.3 6.2.0 through 6.2.4 6.1 all versions 6.0 all versions may allow a local and authenticated attacker to execute unauthorized commands via specifically crafted arguments in diagnose system df CLI command.

Reference

https://fortiguard.com/psirt/FG-IR-23-107