EUVD-2019-6644

Malware in sbrugna...

EUVD-2019-6646

Malware in sbrugna...

CVE-2019-15708

A system command injection vulnerability in the FortiAP-S/W2 6.2.1, 6.2.0, 6.0.5 and below, FortiAP 6.0.5 and below and FortiAP-U below 6.0.0 under CLI admin console may allow unauthorized administrators to run arbitrary system level commands via specially crafted ifconfig commands...

CVE-2019-15710

An OS command injection vulnerability in FortiExtender 4.1.0 to 4.1.1, 4.0.0 and below under CLI admin console may allow unauthorized administrators to run arbitrary system level commands via specially crafted "execute date" commands...

Input validation

An improper input validation in FortiAP-S/W2 6.2.0 to 6.2.2, 6.0.5 and below, FortiAP-U 6.0.1 and below CLI admin console may allow unauthorized administrators to overwrite system files via specially crafted tcpdump commands in the CLI...

CVE-2019-15708

A system command injection vulnerability in the FortiAP-S/W2 6.2.1, 6.2.0, 6.0.5 and below, FortiAP 6.0.5 and below and FortiAP-U below 6.0.0 under CLI admin console may allow unauthorized administrators to run arbitrary system level commands via specially crafted ifconfig commands...

CVE-2019-15710

FortiExtender OS command injection affects versions prior to 4.1.2. In the FortiExtender CLI admin console, authenticated administrators can execute arbitrary system commands via specially crafted “execute date” inputs, due to improper input sanitization. The vulnerability is documented in Fortin...