#VU84856 Command Injection in FortiPortal - CVE-2023-48791

Cybersecurity Help s.r.o.

Published: 2023-12-29

Vulnerability identifier: #VU84856

Vulnerability risk: Medium

CVSSv4.0: 6.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-48791

CWE-ID: CWE-77

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
FortiPortal
Server applications / IDS/IPS systems, Firewalls and proxy servers

Vendor: Fortinet, Inc

Description

The vulnerability allows a remote user to escalate privileges on the system.

The vulnerability exists due to improper input validation. A remote user with R/W permissions can pass specially crafted arguments via the Schedule System Backup page field and execute arbitrary OS commands.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

FortiPortal: 5.3.0 - 7.2.0

External links
https://fortiguard.com/psirt/FG-IR-23-425

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Authenticated command injection in FortiPortal