Fortiwlc Security Vulnerabilities and Issues — Fortiwlc CVE List

Lucene search

FortinetFortiwlc

3 matches found

CVE•added 2017/10/26 1:29 p.m.•54 views

CVE-2017-7341

An OS Command Injection vulnerability in Fortinet FortiWLC 6.1-2 through 6.1-5, 7.0-7 through 7.0-10, 8.0 through 8.2, and 8.3.0 through 8.3.2 file management AP script download webUI page allows an authenticated admin user to execute arbitrary system console commands via crafted HTTP requests.

9CVSS7.4AI score0.02526EPSS

CVE•added 2017/10/26 1:29 p.m.•40 views

CVE-2017-7335

A Cross-Site Scripting (XSS) vulnerability in Fortinet FortiWLC 6.1-x (6.1-2, 6.1-4 and 6.1-5); 7.0-x (7.0-7, 7.0-8, 7.0-9, 7.0-10); and 8.x (8.0, 8.1, 8.2 and 8.3.0-8.3.2) allows an authenticated user to inject arbitrary web script or HTML via non-sanitized parameters "refresh" and "branchtotable"...

5.4CVSS5.1AI score0.00253EPSS

CVE•added 2017/02/01 5:59 p.m.•39 views

CVE-2016-8491

The presence of a hardcoded account named 'core' in Fortinet FortiWLC allows attackers to gain unauthorized read/write access via a remote shell.

9.4CVSS9.1AI score0.00272EPSS