Lucene search
K

131 matches found

Vulnrichment
Vulnrichment
added 2025/01/14 2:9 p.m.9 views

CVE-2024-26012

A improper neutralization of special elements used in an os command 'os command injection' in Fortinet FortiAP-S 6.2 all verisons, and 6.4.0 through 6.4.9, FortiAP-W2 6.4 all versions, 7.0 all versions, 7.2.0 through 7.2.3, and 7.4.0 through 7.4.2, FortiAP 6.4 all versions, 7.0 all versions, 7.2....

6.7CVSS6.6AI score0.00675EPSS
Exploits0References1
CVE
CVE
added 2025/01/14 2:9 p.m.53 views

CVE-2024-26012

CVE-2024-26012: Fortinet FortiAP family devices are affected by an OS command injection vulnerability due to improper neutralization of special elements in commands. A local authenticated attacker could execute unauthorized code via the CLI. Affected products and versions include FortiAP-S: 6.2 (...

7.8CVSS6.6AI score0.00675EPSS
Exploits0References1Affected Software3
Cvelist
Cvelist
added 2025/01/14 2:9 p.m.12 views

CVE-2024-26012

A improper neutralization of special elements used in an os command 'os command injection' in Fortinet FortiAP-S 6.2 all verisons, and 6.4.0 through 6.4.9, FortiAP-W2 6.4 all versions, 7.0 all versions, 7.2.0 through 7.2.3, and 7.4.0 through 7.4.2, FortiAP 6.4 all versions, 7.0 all versions, 7.2....

6.7CVSS0.00675EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/14 12:0 a.m.5 views

Fortinet FortiAP 操作系统命令注入漏洞

Fortinet FortiAP is a controller for managing wireless access point devices from Fortinet, Inc. Fortinet FortiAP suffers from an operating system command injection vulnerability that arises from an improper neutralization of special elements used in operating system commands, which can be exploit...

7.8CVSS7.9AI score0.00675EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/11/12 12:0 a.m.5 views

Fortinet FortiPortal 安全漏洞

Fortinet FortiPortal is an advanced, feature-rich hosted security analysis and management support tool for Fortinet's FortiGate, FortiWiFi, and FortiAP product lines, available as a virtual machine for MSPs. A security vulnerability exists in Fortinet FortiPortal version 7.0.3 and prior versions...

8.1CVSS6.7AI score0.00381EPSS
Exploits0References2
CNVD
CNVD
added 2024/03/14 12:0 a.m.23 views

Fortinet FortiPortal Authorization Issues Vulnerability

Fortinet FortiPortal is an advanced, feature-rich hosted security analysis and management support tool for Fortinet's FortiGate, FortiWiFi and FortiAP product lines, available as a virtual machine for MSPs. An authorization issue vulnerability exists in Fortinet FortiPortal that stems from the...

4.3CVSS7AI score0.00432EPSS
Exploits0References1
NVD
NVD
added 2023/09/13 1:15 p.m.30 views

CVE-2023-25608

An incomplete filtering of one or more instances of special elements vulnerability CWE-792 in the command line interpreter of FortiAP-W2 7.2.0 through 7.2.1, 7.0.3 through 7.0.5, 7.0.0 through 7.0.1, 6.4 all versions, 6.2 all versions, 6.0 all versions; FortiAP-C 5.4.0 through 5.4.4, 5.2 all...

6.5CVSS5.9AI score0.00496EPSS
Exploits0References1
NVD
NVD
added 2023/09/13 1:15 p.m.13 views

CVE-2023-36634

An incomplete filtering of one or more instances of special elements vulnerability CWE-792 in the command line interpreter of FortiAP-U 7.0.0, 6.2.0 through 6.2.5, 6.0 all versions, 5.4 all versions may allow an authenticated attacker to list and delete arbitrary files and directory via specially...

8.8CVSS7.5AI score0.00519EPSS
Exploits0References1
OSV
OSV
added 2023/09/13 1:15 p.m.4 views

CVE-2023-36634

An incomplete filtering of one or more instances of special elements vulnerability CWE-792 in the command line interpreter of FortiAP-U 7.0.0, 6.2.0 through 6.2.5, 6.0 all versions, 5.4 all versions may allow an authenticated attacker to list and delete arbitrary files and directory via specially...

8.8CVSS5.9AI score0.00519EPSS
Exploits0References1
OSV
OSV
added 2023/09/13 1:15 p.m.5 views

CVE-2023-25608

An incomplete filtering of one or more instances of special elements vulnerability CWE-792 in the command line interpreter of FortiAP-W2 7.2.0 through 7.2.1, 7.0.3 through 7.0.5, 7.0.0 through 7.0.1, 6.4 all versions, 6.2 all versions, 6.0 all versions; FortiAP-C 5.4.0 through 5.4.4, 5.2 all...

6.5CVSS5.9AI score0.00496EPSS
Exploits0References1
Prion
Prion
added 2023/09/13 1:15 p.m.23 views

Design/Logic Flaw

An incomplete filtering of one or more instances of special elements vulnerability CWE-792 in the command line interpreter of FortiAP-W2 7.2.0 through 7.2.1, 7.0.3 through 7.0.5, 7.0.0 through 7.0.1, 6.4 all versions, 6.2 all versions, 6.0 all versions; FortiAP-C 5.4.0 through 5.4.4, 5.2 all...

4CVSS6.5AI score0.00496EPSS
Exploits0References1Affected Software4
Prion
Prion
added 2023/09/13 1:15 p.m.16 views

Design/Logic Flaw

An incomplete filtering of one or more instances of special elements vulnerability CWE-792 in the command line interpreter of FortiAP-U 7.0.0, 6.2.0 through 6.2.5, 6.0 all versions, 5.4 all versions may allow an authenticated attacker to list and delete arbitrary files and directory via specially...

6.5CVSS8.7AI score0.00519EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/09/13 12:29 p.m.19 views

CVE-2023-36634

An incomplete filtering of one or more instances of special elements vulnerability CWE-792 in the command line interpreter of FortiAP-U 7.0.0, 6.2.0 through 6.2.5, 6.0 all versions, 5.4 all versions may allow an authenticated attacker to list and delete arbitrary files and directory via specially...

7.1CVSS8.9AI score0.00519EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/09/13 12:29 p.m.13 views

CVE-2023-36634

An incomplete filtering of one or more instances of special elements vulnerability CWE-792 in the command line interpreter of FortiAP-U 7.0.0, 6.2.0 through 6.2.5, 6.0 all versions, 5.4 all versions may allow an authenticated attacker to list and delete arbitrary files and directory via specially...

7.1CVSS7.1AI score0.00519EPSS
Exploits0References1
CVE
CVE
added 2023/09/13 12:29 p.m.45 views

CVE-2023-36634

FortiAP-U CVE-2023-36634 applies to FortiAP-U versions 5.4–7.0.0 and 6.0–6.2.5, due to incomplete filtering of special elements (CWE-792) in the command line interpreter. An authenticated attacker could list and delete arbitrary files/directories via specially crafted command arguments. The impac...

8.8CVSS8.6AI score0.00519EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/09/13 12:28 p.m.11 views

CVE-2023-25608

An incomplete filtering of one or more instances of special elements vulnerability CWE-792 in the command line interpreter of FortiAP-W2 7.2.0 through 7.2.1, 7.0.3 through 7.0.5, 7.0.0 through 7.0.1, 6.4 all versions, 6.2 all versions, 6.0 all versions; FortiAP-C 5.4.0 through 5.4.4, 5.2 all...

5.5CVSS6.9AI score0.00496EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/09/13 12:28 p.m.29 views

CVE-2023-25608

An incomplete filtering of one or more instances of special elements vulnerability CWE-792 in the command line interpreter of FortiAP-W2 7.2.0 through 7.2.1, 7.0.3 through 7.0.5, 7.0.0 through 7.0.1, 6.4 all versions, 6.2 all versions, 6.0 all versions; FortiAP-C 5.4.0 through 5.4.4, 5.2 all...

5.5CVSS6.7AI score0.00496EPSS
Exploits0References1
CVE
CVE
added 2023/09/13 12:28 p.m.49 views

CVE-2023-25608

CVE-2023-25608 affects Fortinet FortiAP-W2, FortiAP-C, FortiAP, and FortiAP-U products due to incomplete filtering of special elements (CWE-792) in the command line interpreter. An authenticated attacker could read arbitrary files by supplying specially crafted command arguments. Affected version...

6.5CVSS6.5AI score0.00496EPSS
Exploits0References1Affected Software4
Positive Technologies
Positive Technologies
added 2023/09/13 12:0 a.m.6 views

PT-2023-20192 · Fortinet · Fortiap-W2 +3

Name of the Vulnerable Software and Affected Versions: FortiAP-W2 versions 6.0 through 7.2.1 FortiAP-C versions 5.2 through 5.4.4 FortiAP versions 6.0 through 7.2.1 FortiAP-U versions 5.4 through 7.0.0 Description: An incomplete filtering of one or more instances of special elements in the comman...

6.5CVSS6.6AI score0.00496EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/09/13 12:0 a.m.4 views

Fortinet FortiAP-U Security Vulnerability

Fortinet FortiAP-U is a controller for managing wireless access point devices from Fortinet, Inc. A security vulnerability exists in Fortinet FortiAP-U that could allow an authenticated attacker to list and delete arbitrary files and directories via constructed command parameters. Affected produc...

8.8CVSS6.8AI score0.00519EPSS
Exploits0References3
Rows per page
Query Builder