Fortinet FortiOS 5.2.3 ZebOS Shell Remote Command Execution (FG-IR-15-020)
Critical Nessus Plugin ID 85910
SynopsisThe remote host is affected by a remote command execution vulnerability.
DescriptionThe remote host is running Fortinet FortiOS 5.2.3. It is, therefore, affected by a remote command execution vulnerability that allows an unauthenticated, remote attacker to execute arbitrary commands via the internal ZebOS shell on the high availability (HA) dedicated management interface.
SolutionUpgrade to Fortinet FortiOS 5.2.4 or later.