cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-26012,https://securityvulnerability.io/vulnerability/CVE-2024-26012,OS Command Injection Vulnerability in Fortinet FortiAP Products,"An OS command injection vulnerability exists in various Fortinet FortiAP products due to improper neutralization of special characters in OS commands. This vulnerability allows a local authenticated attacker to exploit the command-line interface (CLI) and execute unauthorized code, potentially compromising the security of the device. Affected versions span multiple releases, necessitating immediate action to mitigate risks.",Fortinet,"Fortiap-s,Fortiap-w2,Fortiap",6.3,MEDIUM,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-14T14:15:00.000Z,0
CVE-2023-25608,https://securityvulnerability.io/vulnerability/CVE-2023-25608,,"An incomplete filtering of one or more instances of special elements vulnerability [CWE-792] in the command line interpreter of FortiAP-W2 7.2.0 through 7.2.1, 7.0.3 through 7.0.5, 7.0.0 through 7.0.1, 6.4 all versions, 6.2 all versions, 6.0 all versions; FortiAP-C 5.4.0 through 5.4.4, 5.2 all versions; FortiAP 7.2.0 through 7.2.1, 7.0.0 through 7.0.5, 6.4 all versions, 6.0 all versions; FortiAP-U 7.0.0, 6.2.0 through 6.2.5, 6.0 all versions, 5.4 all versions may allow an authenticated attacker to read arbitrary files via specially crafted command arguments.",Fortinet,"Fortiap-w2,Fortiap-c,Fortiap,Fortiap-u,Fortiap-s",5.2,MEDIUM,0.0006399999838322401,false,false,false,false,,false,false,2023-09-13T13:15:00.000Z,0
CVE-2023-36634,https://securityvulnerability.io/vulnerability/CVE-2023-36634,,"An incomplete filtering of one or more instances of special elements vulnerability [CWE-792] in the command line interpreter of FortiAP-U 7.0.0, 6.2.0 through 6.2.5, 6.0 all versions, 5.4 all versions may allow an authenticated attacker to list and delete arbitrary files and directory via specially crafted command arguments.",Fortinet,Fortiap-u,6.5,MEDIUM,0.0008900000248104334,false,false,false,false,,false,false,2023-09-13T13:15:00.000Z,0
CVE-2022-29058,https://securityvulnerability.io/vulnerability/CVE-2022-29058,,"An improper neutralization of special elements [CWE-89] used in an OS command vulnerability [CWE-78] in the command line interpreter of FortiAP 6.0.0 through 6.4.7, 7.0.0 through 7.0.3, 7.2.0, FortiAP-S 6.0.0 through 6.4.7, FortiAP-W2 6.0.0 through 6.4.7, 7.0.0 through 7.0.3, 7.2.0 and FortiAP-U 5.4.0 through 6.2.3 may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to existing commands.",Fortinet,"Fortinet Fortiap, Fortiap-s, Fortiap-w2, Fortiap-u",7.8,HIGH,0.0004400000034365803,false,false,false,false,,false,false,2022-09-06T15:10:15.000Z,0
CVE-2022-30301,https://securityvulnerability.io/vulnerability/CVE-2022-30301,,"A path traversal vulnerability [CWE-22] in FortiAP-U CLI 6.2.0 through 6.2.3, 6.0.0 through 6.0.4, 5.4.0 through 5.4.6 may allow an admin user to delete and access unauthorized files and data via specifically crafted CLI commands.",Fortinet,Fortinet Fortiap-u,7.8,HIGH,0.0004400000034365803,false,false,false,false,,false,false,2022-07-18T16:35:46.000Z,0
CVE-2022-22301,https://securityvulnerability.io/vulnerability/CVE-2022-22301,,"An improper neutralization of special elements used in an OS Command vulnerability [CWE-78] in FortiAP-C console 5.4.0 through 5.4.3, 5.2.0 through 5.2.1 may allow an authenticated attacker to execute unauthorized commands by running CLI commands with specifically crafted arguments.",Fortinet,Fortinet Fortiap-c,7.8,HIGH,0.0004400000034365803,false,false,false,false,,false,false,2022-03-02T10:00:19.000Z,0
CVE-2021-26106,https://securityvulnerability.io/vulnerability/CVE-2021-26106,,An improper neutralization of special elements used in an OS Command vulnerability in FortiAP's console 6.4.1 through 6.4.5 and 6.2.4 through 6.2.5 may allow an authenticated attacker to execute unauthorized commands by running the kdbg CLI command with specifically crafted arguments.,Fortinet,"Fortinet Fortiap-w2, Fortiap-s, Fortiap",7.8,HIGH,0.0004400000034365803,false,false,false,false,,false,false,2021-07-09T18:26:30.000Z,0
CVE-2019-15709,https://securityvulnerability.io/vulnerability/CVE-2019-15709,,"An improper input validation in FortiAP-S/W2 6.2.0 to 6.2.2, 6.0.5 and below, FortiAP-U 6.0.1 and below CLI admin console may allow unauthorized administrators to overwrite system files via specially crafted tcpdump commands in the CLI.",Fortinet,"Fortinet Fortiap-s/w2, Fortiap-u",6.5,MEDIUM,0.000750000006519258,false,false,false,false,,false,false,2020-06-01T18:37:21.000Z,0
CVE-2019-17657,https://securityvulnerability.io/vulnerability/CVE-2019-17657,,"An Uncontrolled Resource Consumption vulnerability in Fortinet FortiSwitch below 3.6.11, 6.0.6 and 6.2.2, FortiAnalyzer below 6.2.3, FortiManager below 6.2.3 and FortiAP-S/W2 below 6.2.2 may allow an attacker to cause admin webUI denial of service (DoS) via handling special crafted HTTP requests/responses in pieces slowly, as demonstrated by Slow HTTP DoS Attacks.",Fortinet,"Fortinet Fortiswitch,Fortianalyzer,Fortimanager,Fortiap-s/w2",7.5,HIGH,0.0022299999836832285,false,false,false,false,,false,false,2020-04-07T17:11:07.000Z,0
CVE-2019-15708,https://securityvulnerability.io/vulnerability/CVE-2019-15708,,"A system command injection vulnerability in the FortiAP-S/W2 6.2.1, 6.2.0, 6.0.5 and below, FortiAP 6.0.5 and below and FortiAP-U below 6.0.0 under CLI admin console may allow unauthorized administrators to run arbitrary system level commands via specially crafted ifconfig commands.",Fortinet,"Fortinet Fortiap-s/w2,Fortinet Fortiap-u,Fortinet Fortiap",6.7,MEDIUM,0.0004400000034365803,false,false,false,false,,false,false,2020-03-15T22:27:49.000Z,0