Lucene search
+L

131 matches found

OSV
OSV
added 2021/07/09 7:15 p.m.5 views

CVE-2021-26106

An improper neutralization of special elements used in an OS Command vulnerability in FortiAP's console 6.4.1 through 6.4.5 and 6.2.4 through 6.2.5 may allow an authenticated attacker to execute unauthorized commands by running the kdbg CLI command with specifically crafted arguments...

7.8CVSS7.2AI score0.00295EPSS
Exploits0References1
Prion
Prion
added 2021/07/09 7:15 p.m.18 views

Command injection

An improper neutralization of special elements used in an OS Command vulnerability in FortiAP's console 6.4.1 through 6.4.5 and 6.2.4 through 6.2.5 may allow an authenticated attacker to execute unauthorized commands by running the kdbg CLI command with specifically crafted arguments...

4.6CVSS7.8AI score0.00295EPSS
Exploits0References1Affected Software3
Vulnrichment
Vulnrichment
added 2021/07/09 6:26 p.m.12 views

CVE-2021-26106

An improper neutralization of special elements used in an OS Command vulnerability in FortiAP's console 6.4.1 through 6.4.5 and 6.2.4 through 6.2.5 may allow an authenticated attacker to execute unauthorized commands by running the kdbg CLI command with specifically crafted arguments...

7.8CVSS7.4AI score0.00295EPSS
Exploits0References1
CVE
CVE
added 2021/07/09 6:26 p.m.86 views

CVE-2021-26106

Fortinet FortiAP OS command injection (CVE-2021-26106) affects FortiAP console versions 6.4.1–6.4.5 and 6.2.4–6.2.5. The vulnerability is due to improper neutralization of special elements in an OS command, enabling an authenticated, local attacker to execute unauthorized commands by issuing the ...

7.8CVSS7.8AI score0.00295EPSS
Exploits0References1Affected Software3
Cvelist
Cvelist
added 2021/07/09 6:26 p.m.38 views

CVE-2021-26106

An improper neutralization of special elements used in an OS Command vulnerability in FortiAP's console 6.4.1 through 6.4.5 and 6.2.4 through 6.2.5 may allow an authenticated attacker to execute unauthorized commands by running the kdbg CLI command with specifically crafted arguments...

7.8CVSS8.1AI score0.00295EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/07/09 12:0 a.m.8 views

Fortinet FortiAP 操作系统命令注入漏洞

Fortinet FortiAP is a controller for managing wireless access point devices from Fortinet, Inc. A security vulnerability exists in Fortinet FortiAP, which can be exploited by an attacker to execute unauthorized commands by running the kdbg CLI command with specially crafted parameters...

7.8CVSS5.8AI score0.00295EPSS
Exploits0References3
Fortinet
Fortinet
added 2021/07/07 12:0 a.m.35 views

FortiAP - OS command Injection through kdbg CLI command

An instance of improper neutralization of special elements used in an OS Command found in FortiAP's console may allow an authenticated attacker to execute unauthorized commands by running the kdbg CLI command with specifically crafted arguments...

4.6CVSS7.7AI score0.00295EPSS
Exploits0Affected Software3
BDU FSTEC
BDU FSTEC
added 2021/03/11 12:0 a.m.7 views

The vulnerability affects the implementation of WPA/WPA2 protocols in Fortinet’s FortiOS operating systems and Fortinet FortiAP access point software. This allows attackers to gain unauthorized access to protected information.

The vulnerability of the implementations of WPA/WPA2 protocols in Fortinet’s FortiOS operating systems and Fortinet FortiAP access point software is related to insufficiently secure data encryption. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected...

10CVSS5.5AI score
Exploits0References3Affected Software1
NVD
NVD
added 2020/06/01 7:15 p.m.23 views

CVE-2019-15709

An improper input validation in FortiAP-S/W2 6.2.0 to 6.2.2, 6.0.5 and below, FortiAP-U 6.0.1 and below CLI admin console may allow unauthorized administrators to overwrite system files via specially crafted tcpdump commands in the CLI...

8.5CVSS6.5AI score0.01328EPSS
Exploits0References1
OSV
OSV
added 2020/06/01 7:15 p.m.10 views

CVE-2019-15709

An improper input validation in FortiAP-S/W2 6.2.0 to 6.2.2, 6.0.5 and below, FortiAP-U 6.0.1 and below CLI admin console may allow unauthorized administrators to overwrite system files via specially crafted tcpdump commands in the CLI...

6.5CVSS6.6AI score0.01328EPSS
Exploits0References1
Prion
Prion
added 2020/06/01 7:15 p.m.19 views

Input validation

An improper input validation in FortiAP-S/W2 6.2.0 to 6.2.2, 6.0.5 and below, FortiAP-U 6.0.1 and below CLI admin console may allow unauthorized administrators to overwrite system files via specially crafted tcpdump commands in the CLI...

8.5CVSS6.5AI score0.01328EPSS
Exploits0References1Affected Software3
Vulnrichment
Vulnrichment
added 2020/06/01 6:37 p.m.10 views

CVE-2019-15709

An improper input validation in FortiAP-S/W2 6.2.0 to 6.2.2, 6.0.5 and below, FortiAP-U 6.0.1 and below CLI admin console may allow unauthorized administrators to overwrite system files via specially crafted tcpdump commands in the CLI...

7AI score0.01328EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/06/01 6:37 p.m.25 views

CVE-2019-15709

An improper input validation in FortiAP-S/W2 6.2.0 to 6.2.2, 6.0.5 and below, FortiAP-U 6.0.1 and below CLI admin console may allow unauthorized administrators to overwrite system files via specially crafted tcpdump commands in the CLI...

6.6AI score0.01328EPSS
Exploits0References1
CVE
CVE
added 2020/06/01 6:37 p.m.88 views

CVE-2019-15709

CVE-2019-15709 concerns Fortinet FortiAP-S/W2 (versions 6.2.0–6.2.2, 6.0.5 and below) and FortiAP-U (6.0.1 and below). The issue is an improper input validation in the FortiAP CLI admin console that may allow unauthorized administrators to overwrite system files using specially crafted tcpdump co...

8.5CVSS6.5AI score0.01328EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2020/05/26 12:0 a.m.2 views

Fortinet FortiAP-S, FortiAP-W2 and FortiAP-U Input Validation Error Vulnerability

Fortinet FortiAP-S and others are a controller for managing wireless access point devices from Fortinet. An input validation error vulnerability exists in the FortiAP CLI management console in FortiAP-S, FortiAP-W2, and FortiAP-U. An attacker could exploit this vulnerability to overwrite system...

8.5CVSS7AI score0.01328EPSS
Exploits0References1
Fortinet
Fortinet
added 2020/05/25 12:0 a.m.51 views

FortiAP system files overwrite via the tcpdump CLI command

...

8.5CVSS6.4AI score0.01328EPSS
Exploits0Affected Software3
OSV
OSV
added 2020/04/07 6:15 p.m.23 views

CVE-2019-17657

An Uncontrolled Resource Consumption vulnerability in Fortinet FortiSwitch below 3.6.11, 6.0.6 and 6.2.2, FortiAnalyzer below 6.2.3, FortiManager below 6.2.3 and FortiAP-S/W2 below 6.2.2 may allow an attacker to cause admin webUI denial of service DoS via handling special crafted HTTP...

7.5CVSS6.8AI score
Exploits0References1
OSV
OSV
added 2020/04/07 6:15 p.m.7 views

ALPINE-CVE-2019-17657

An Uncontrolled Resource Consumption vulnerability in Fortinet FortiSwitch below 3.6.11, 6.0.6 and 6.2.2, FortiAnalyzer below 6.2.3, FortiManager below 6.2.3 and FortiAP-S/W2 below 6.2.2 may allow an attacker to cause admin webUI denial of service DoS via handling special crafted HTTP...

7.5CVSS6.8AI score0.02385EPSS
Exploits0References1
Prion
Prion
added 2020/04/07 6:15 p.m.29 views

Denial of service

An Uncontrolled Resource Consumption vulnerability in Fortinet FortiSwitch below 3.6.11, 6.0.6 and 6.2.2, FortiAnalyzer below 6.2.3, FortiManager below 6.2.3 and FortiAP-S/W2 below 6.2.2 may allow an attacker to cause admin webUI denial of service DoS via handling special crafted HTTP...

5CVSS7.3AI score0.02385EPSS
Exploits0References1Affected Software5
Vulnrichment
Vulnrichment
added 2020/04/07 5:11 p.m.15 views

CVE-2019-17657

An Uncontrolled Resource Consumption vulnerability in Fortinet FortiSwitch below 3.6.11, 6.0.6 and 6.2.2, FortiAnalyzer below 6.2.3, FortiManager below 6.2.3 and FortiAP-S/W2 below 6.2.2 may allow an attacker to cause admin webUI denial of service DoS via handling special crafted HTTP...

7.1AI score0.02385EPSS
Exploits0References1
Rows per page
Query Builder