FortiDDoS OS Command Injection Vulnerability Let Attackers Execute Unauthorized Commands

Fortinet has disclosed a medium-severity vulnerability in its FortiDDoS-F product line that could allow a privileged attacker to execute unauthorized commands. Tracked as CVE-2024-45325, the flaw is an OS command injection vulnerability residing within the product’s command-line interface (CLI).

The vulnerability, identified as CWE-78, stems from an improper neutralization of special elements used in an OS command. An attacker with high privileges and local access to the system could exploit this weakness by sending specially crafted requests to the CLI.

A successful exploit would allow the attacker to execute arbitrary code or commands with the permissions of the application, potentially leading to a full system compromise.

The vulnerability has been assigned a CVSSv3 score of 6.5, categorizing it as medium severity.

The CVSS vector, AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H, indicates that an attacker requires local access and high-level privileges, and no user interaction is needed.

Despite the high privilege requirement, the potential impact on confidentiality, integrity, and availability is high. The issue was internally discovered and reported by Théo Leleu of Fortinet’s Product Security team.

Affected Versions and Mitigation

Fortinet has confirmed that multiple versions of FortiDDoS-F are affected by this vulnerability. The advisory, FG-IR-24-344, published on September 9, 2025, outlines the specific versions and the recommended actions for administrators.

Administrators running vulnerable versions are strongly urged to apply the recommended updates or migrate to a patched release to prevent potential exploitation.

Organizations using FortiDDoS-F 7.0 should upgrade to version 7.0.3 immediately, while those on older branches (6.1 through 6.6) must plan a migration to a secure version.

Find this Story Interesting! Follow us on Google News, LinkedIn, and X to Get More Instant Updates.