A command injection vulnerability exists in Fortinet FortiWLC, a wireless LAN controller from Fortinet, which stems from a failure to properly validate input data in the alert dashboard and controller configuration handler. HTTP requests and execute arbitrary operating system commands on the target system.
CPE | Name | Operator | Version |
---|---|---|---|
Fortinet FortiWLM | le | 8.3.2 | |
Fortinet FortiWLM >=8.4.0, | le | 8.4.2 | |
Fortinet FortiWLM >=8.5.0, | le | 8.5.2 | |
Fortinet FortiWLM >=8.6.0, | lt | 8.6.3 |