Lucene search

FortinetCVELIST:CVE-2021-26112

HistoryApr 06, 2022 - 9:15 a.m.

CVE-2021-26112

2022-04-0609:15:15

fortinet

www.cve.org

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C

10 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

69.3%

JSON

Multiple stack-based buffer overflow vulnerabilities [CWE-121] both in network daemons and in the command line interpreter of FortiWAN before 4.5.9 may allow an unauthenticated attacker to potentially corrupt control data in memory and execute arbitrary code via specifically crafted requests.

CNA Affected

[
  {
    "product": "Fortinet FortiWAN",
    "vendor": "Fortinet",
    "versions": [
      {
        "status": "affected",
        "version": "FortiWAN before 4.5.9"
      }
    ]
  }
]

References

fortiguard.com/psirt/FG-IR-21-065

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C

10 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

69.3%

JSON

Related for CVELIST:CVE-2021-26112