CVE-2023-33300 Information

Description

A improper neutralization of special elements used in a command (‘command injection’) in Fortinet FortiNAC 7.2.1 and earlier 9.4.3 and earlier allows attacker a limited unauthorized file access via specifically crafted request in inter-server communication port.

Reference

https://fortiguard.com/psirt/FG-IR-23-096