cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-26012,https://securityvulnerability.io/vulnerability/CVE-2024-26012,OS Command Injection Vulnerability in Fortinet FortiAP Products,"An OS command injection vulnerability exists in various Fortinet FortiAP products due to improper neutralization of special characters in OS commands. This vulnerability allows a local authenticated attacker to exploit the command-line interface (CLI) and execute unauthorized code, potentially compromising the security of the device. Affected versions span multiple releases, necessitating immediate action to mitigate risks.",Fortinet,"Fortiap-s,Fortiap-w2,Fortiap",6.3,MEDIUM,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-14T14:15:00.000Z,0
CVE-2023-25608,https://securityvulnerability.io/vulnerability/CVE-2023-25608,,"An incomplete filtering of one or more instances of special elements vulnerability [CWE-792] in the command line interpreter of FortiAP-W2 7.2.0 through 7.2.1, 7.0.3 through 7.0.5, 7.0.0 through 7.0.1, 6.4 all versions, 6.2 all versions, 6.0 all versions; FortiAP-C 5.4.0 through 5.4.4, 5.2 all versions; FortiAP 7.2.0 through 7.2.1, 7.0.0 through 7.0.5, 6.4 all versions, 6.0 all versions; FortiAP-U 7.0.0, 6.2.0 through 6.2.5, 6.0 all versions, 5.4 all versions may allow an authenticated attacker to read arbitrary files via specially crafted command arguments.",Fortinet,"Fortiap-w2,Fortiap-c,Fortiap,Fortiap-u,Fortiap-s",5.2,MEDIUM,0.0006399999838322401,false,false,false,false,,false,false,2023-09-13T13:15:00.000Z,0
CVE-2022-29058,https://securityvulnerability.io/vulnerability/CVE-2022-29058,,"An improper neutralization of special elements [CWE-89] used in an OS command vulnerability [CWE-78] in the command line interpreter of FortiAP 6.0.0 through 6.4.7, 7.0.0 through 7.0.3, 7.2.0, FortiAP-S 6.0.0 through 6.4.7, FortiAP-W2 6.0.0 through 6.4.7, 7.0.0 through 7.0.3, 7.2.0 and FortiAP-U 5.4.0 through 6.2.3 may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to existing commands.",Fortinet,"Fortinet Fortiap, Fortiap-s, Fortiap-w2, Fortiap-u",7.8,HIGH,0.0004400000034365803,false,false,false,false,,false,false,2022-09-06T15:10:15.000Z,0
CVE-2021-26106,https://securityvulnerability.io/vulnerability/CVE-2021-26106,,An improper neutralization of special elements used in an OS Command vulnerability in FortiAP's console 6.4.1 through 6.4.5 and 6.2.4 through 6.2.5 may allow an authenticated attacker to execute unauthorized commands by running the kdbg CLI command with specifically crafted arguments.,Fortinet,"Fortinet Fortiap-w2, Fortiap-s, Fortiap",7.8,HIGH,0.0004400000034365803,false,false,false,false,,false,false,2021-07-09T18:26:30.000Z,0