A format string vulnerability in Fortinet FortiOS 5.6.0 allows attacker to execute unauthorized code or commands via the SSH username variable.
The product uses a function that accepts a format string as an argument, but the format string originates from an external source.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Fortios | Fortinet | 5.6.0 (including) | 5.6.0 (including) |