cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-25608,https://securityvulnerability.io/vulnerability/CVE-2023-25608,Incomplete Filtering Vulnerability in Fortinet FortiAP Products,"Fortinet's FortiAP series, including various versions of FortiAP-W2, FortiAP-C, and FortiAP-U, are susceptible to an incomplete filtering vulnerability. This flaw allows an authenticated attacker to exploit the command line interpreter, potentially gaining unauthorized access to sensitive files by leveraging specially crafted command arguments. Admins must be vigilant to patch affected versions and safeguard their networks against this vector of attack.",Fortinet,"Fortiap-w2,Fortiap-c,Fortiap,Fortiap-u,Fortiap-s",5.2,MEDIUM,0.0006399999838322401,false,,false,false,false,,,false,false,,2023-09-13T13:15:00.000Z,0
CVE-2023-36634,https://securityvulnerability.io/vulnerability/CVE-2023-36634,Vulnerability in FortiAP Command Line Interpreter Impacts File Management,"The vulnerability in the command line interpreter of FortiAP may allow authenticated attackers to list and delete arbitrary files and directories by leveraging specially crafted command arguments. This issue arises from an incomplete filtering of special elements, presenting significant risks in file management tasks. Administrators should ensure their systems are updated and patched against this vulnerability to prevent unauthorized access and potential data manipulation.",Fortinet,Fortiap-u,6.5,MEDIUM,0.0008900000248104334,false,,false,false,false,,,false,false,,2023-09-13T13:15:00.000Z,0
CVE-2022-29058,https://securityvulnerability.io/vulnerability/CVE-2022-29058,OS Command Injection Vulnerability in FortiAP Products by Fortinet,"An OS command injection vulnerability exists in the command line interpreter of multiple FortiAP products. This issue arises from improper neutralization of special elements, allowing an authenticated attacker to execute unauthorized commands by crafting specific arguments to existing commands. This highlights the importance of secure coding practices to mitigate potential exploitation.",Fortinet,"Fortinet Fortiap, Fortiap-s, Fortiap-w2, Fortiap-u",7.8,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2022-09-06T15:10:15.000Z,0
CVE-2022-30301,https://securityvulnerability.io/vulnerability/CVE-2022-30301,Path Traversal Vulnerability in FortiAP-U CLI by Fortinet,"A path traversal vulnerability in FortiAP-U CLI allows admin users to access unauthorized files and potentially delete sensitive data by exploiting crafted CLI commands. This issue exists across multiple versions including 6.2.0 to 6.2.3, 6.0.0 to 6.0.4, and 5.4.0 to 5.4.6, making it crucial for organizations utilizing FortiAP-U CLI to review their configurations and limit administrative command access to prevent potential compromises.",Fortinet,Fortinet Fortiap-u,7.8,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2022-07-18T16:35:46.000Z,0
CVE-2019-15709,https://securityvulnerability.io/vulnerability/CVE-2019-15709,Improper Input Validation in FortiAP Products by Fortinet,"An improper input validation issue in FortiAP products permits unauthorized administrators to execute specially crafted tcpdump commands in the CLI. This flaw results in the potential for system file overwriting, posing significant risks to the integrity and security of the affected systems. It is essential for administrators to apply the latest patches and implement proper security measures to mitigate the risks associated with this vulnerability.",Fortinet,"Fortinet Fortiap-s/w2, Fortiap-u",6.5,MEDIUM,0.000750000006519258,false,,false,false,false,,,false,false,,2020-06-01T18:37:21.000Z,0
CVE-2019-15708,https://securityvulnerability.io/vulnerability/CVE-2019-15708,Command Injection Vulnerability in Fortinet FortiAP Products,"A command injection vulnerability exists in Fortinet's FortiAP products, specifically within the CLI admin console. This issue allows unauthorized administrators to execute arbitrary system-level commands through specially crafted ifconfig commands. Affected versions include FortiAP-S/W2 6.2.1, 6.2.0, FortiAP 6.0.5 and earlier, as well as FortiAP-U versions below 6.0.0. Organizations using these products are advised to take immediate action to mitigate risks.",Fortinet,"Fortinet Fortiap-s/w2,Fortinet Fortiap-u,Fortinet Fortiap",6.7,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2020-03-15T22:27:49.000Z,0