cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-26012,https://securityvulnerability.io/vulnerability/CVE-2024-26012,OS Command Injection Vulnerability in Fortinet FortiAP Products,"An OS command injection vulnerability exists in various Fortinet FortiAP products due to improper neutralization of special characters in OS commands. This vulnerability allows a local authenticated attacker to exploit the command-line interface (CLI) and execute unauthorized code, potentially compromising the security of the device. Affected versions span multiple releases, necessitating immediate action to mitigate risks.",Fortinet,"Fortiap-s,Fortiap-w2,Fortiap",7.8,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-14T14:15:00.000Z,0
CVE-2023-25608,https://securityvulnerability.io/vulnerability/CVE-2023-25608,Incomplete Filtering Vulnerability in Fortinet FortiAP Products,"Fortinet's FortiAP series, including various versions of FortiAP-W2, FortiAP-C, and FortiAP-U, are susceptible to an incomplete filtering vulnerability. This flaw allows an authenticated attacker to exploit the command line interpreter, potentially gaining unauthorized access to sensitive files by leveraging specially crafted command arguments. Admins must be vigilant to patch affected versions and safeguard their networks against this vector of attack.",Fortinet,"Fortiap-w2,Fortiap-c,Fortiap,Fortiap-u,Fortiap-s",5.2,MEDIUM,0.0006399999838322401,false,,false,false,false,,,false,false,,2023-09-13T13:15:00.000Z,0
CVE-2022-29058,https://securityvulnerability.io/vulnerability/CVE-2022-29058,OS Command Injection Vulnerability in FortiAP Products by Fortinet,"An OS command injection vulnerability exists in the command line interpreter of multiple FortiAP products. This issue arises from improper neutralization of special elements, allowing an authenticated attacker to execute unauthorized commands by crafting specific arguments to existing commands. This highlights the importance of secure coding practices to mitigate potential exploitation.",Fortinet,"Fortinet Fortiap, Fortiap-s, Fortiap-w2, Fortiap-u",7.8,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2022-09-06T15:10:15.000Z,0
CVE-2021-26106,https://securityvulnerability.io/vulnerability/CVE-2021-26106,OS Command Injection Vulnerability in FortiAP Products,"An OS command injection flaw exists in FortiAP devices, where an authenticated user can exploit specific crafted arguments to run unauthorized commands via the kdbg CLI command. This vulnerability can potentially lead to unauthorized system manipulation, emphasizing the importance of applying security updates to affected FortiAP versions.",Fortinet,"Fortinet Fortiap-w2, Fortiap-s, Fortiap",7.8,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-07-09T18:26:30.000Z,0