Share
## https://sploitus.com/exploit?id=SAINT:CA31E70DACC28B1FBA412B404F0BE691
Added: 11/15/2024  


### Background

FortiManager is an integrated platform for the centralized management of products in a Fortinet security infrastructure. 

### Problem

Missing authentication in the `**fgfmd**` service could allow a remote attacker to execute arbitrary commands. 

### Resolution

Upgrade to FortiManager 6.2.13, 6.4.15, 7.0.13, 7.2.8, 7.4.5, or 7.6.1 or higher, or use one of the workarounds described in FG-IR-24-423. 

### References

https://fortiguard.fortinet.com/psirt/FG-IR-24-423   


### Platforms

FortiManager