Loading
An improper neutralization of special elements used in an OS Command ("OS Command Injection") vulnerability [CWE-78] in Fortinet FortiADC version 7.2.0 and before 7.1.1 allows a remote and authenticated attacker with low privilege to execute unauthorized code via specifically crafted HTTP parameters.
Use CWE-78, Fortinet vendor hub and Fortiadc product page to widen CVE-2025-49813 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2023-37933, CVE-2023-50178 and CVE-2025-31104 for nearby disclosures in the same product family.