cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-23663,https://securityvulnerability.io/vulnerability/CVE-2024-23663,Improper Access Control in FortiExtender Could Lead to Elevated Privileges,"An improper access control vulnerability in Fortinet FortiExtender versions 4.1.1 to 4.1.9, 4.2.0 to 4.2.6, 5.3.2, 7.0.0 to 7.0.4, 7.2.0 to 7.2.4, and 7.4.0 to 7.4.2 can be exploited by attackers to create users with elevated privileges. This vulnerability arises from a failure to adequately control access rights, allowing unauthorized alteration of user roles through specially crafted HTTP requests.",Fortinet,Fortiextender Firmware,8.8,HIGH,0.0005000000237487257,false,false,false,false,,false,false,2024-07-09T16:15:00.000Z,0
CVE-2021-41016,https://securityvulnerability.io/vulnerability/CVE-2021-41016,,"A improper neutralization of special elements used in a command ('command injection') in Fortinet FortiExtender version 7.0.1 and below, 4.2.3 and below, 4.1.7 and below allows an authenticated attacker to execute privileged shell commands via CLI commands including special characters",Fortinet,Fortiextender Firmware,7.8,HIGH,0.0029899999499320984,false,false,false,false,,false,false,2022-02-02T10:58:37.000Z,0