Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2021-26115

An OS command injection (CWE-78) vulnerability in FortiWAN version 4.5.7 and below Command Line Interface may allow a local, authenticated and unprivileged attacker to escalate their privileges to root via executing a specially-crafted command.An OS command injection (CWE-78) vulnerability in FortiWAN Command Line Interface may allow a local, authenticated and unprivileged attacker to escalate their privileges to root via executing a specially-crafted command.

Published

2024-12-19T11:15:07.103

Last Modified

2025-01-21T20:30:46.950

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 7.8 (HIGH)

Weaknesses

Type: Primary
CWE-78

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	fortinet	fortiwan	< 4.5.8	Yes

References

https://fortiguard.fortinet.com/psirt/FG-IR-21-069 Vendor Advisory ([email protected])