Fortinet FortiSOAR IMAP Connector OS Command Injection Vulnerability

Vulnerability

A vulnerability allowing OS command injection has been identified in the FortiSOAR IMAP connector, specifically in versions through 3.5.7. This vulnerability arises from improper neutralization of special elements used in OS commands, potentially allowing an authenticated attacker to execute unauthorized code or commands by crafting a specific playbook.

Impact

Exploitation of this vulnerability could lead to unauthorized execution of code or commands on the affected system.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

10.0

exploitability

4.9

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

10.0

exploitability

4.9

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Fortinet FortiSOAR IMAP Connector OS Command Injection Vulnerability

Vulnerability

Impact

Affected Products

Fortinet FortiSOAR IMAP connector

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating