CVE-2024-54025

Medium CVSS 6.7

Overview

An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiIsolator CLI before version 2.4.6 allows a privileged attacker to execute unauthorized code or commands via crafted CLI requests.

CWE: CWE-78 Published: 2025-04-08T14:15:32.463

Risk analysis

This vulnerability is rated 🟡 MEDIUM.

CVSS: 6.7 (MEDIUM)
Detected tags: command_injection (tag impact: LOW)

Recommended actions:

Prioritize remediation based on business criticality and exposure.
Limit exposure and increase monitoring until fixed.

Overview

Recommended tools

Tags