Fortinet FortiManager Command Injection Vulnerability Leading to Privilege Escalation

Vulnerability

A command injection vulnerability has been identified in Fortinet FortiManager versions 7.4.1 through 7.4.3, as well as FortiManager Cloud versions 7.4.1 through 7.4.3. This vulnerability allows attackers to escalate privileges by sending specially crafted packets that exploit improper neutralization of special elements used in commands.

Impact

Exploitation of this vulnerability could lead to unauthorized privilege escalation.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

5.0

impact

5.0

exploitability

5.2

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.0

impact

5.0

exploitability

5.2

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Fortinet FortiManager Command Injection Vulnerability Leading to Privilege Escalation

Vulnerability

Impact

Affected Products

Fortinet FortiManager

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating