CVE-2023-36634 Information

Description

An incomplete filtering of one or more instances of special elements vulnerability [CWE-792] in the command line interpreter of FortiAP-U 7.0.0 6.2.0 through 6.2.5 6.0 all versions 5.4 all versions may allow an authenticated attacker to list and delete arbitrary files and directory via specially crafted command arguments.

Reference

https://fortiguard.com/psirt/FG-IR-23-123