FortiWLC-SD Privilege escalation vulnerability using copy running-config
The lack of input sanitisation for CLI command 'copy running-config' allows a user with 'admin' or 'superuser' privilege level to gain shell on the FortiWLC-SD with root privilege.
Escalation of Privilege
FortiWLC-SD versions 8.2.4 and below
Upgrade to FortiWLC-SD version 8.3.0
Fortinet is pleased to thank Tom Scholten of SolidBE for reporting this vulnerability under responsible disclosure