cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-23663,https://securityvulnerability.io/vulnerability/CVE-2024-23663,Improper Access Control in FortiExtender Could Lead to Elevated Privileges,"An improper access control vulnerability in Fortinet FortiExtender versions 4.1.1 to 4.1.9, 4.2.0 to 4.2.6, 5.3.2, 7.0.0 to 7.0.4, 7.2.0 to 7.2.4, and 7.4.0 to 7.4.2 can be exploited by attackers to create users with elevated privileges. This vulnerability arises from a failure to adequately control access rights, allowing unauthorized alteration of user roles through specially crafted HTTP requests.",Fortinet,Fortiextender Firmware,8.8,HIGH,0.0005000000237487257,false,,false,false,false,,,false,false,,2024-07-09T16:15:00.000Z,0
CVE-2021-41016,https://securityvulnerability.io/vulnerability/CVE-2021-41016,Command Injection Vulnerability in Fortinet FortiExtender,"An improper neutralization of special elements in Fortinet FortiExtender allows authenticated attackers to execute unauthorized privileged shell commands via command-line interface (CLI) commands. This vulnerability affects multiple versions of the product, enabling potential exploitation if safeguards are not implemented. For detailed information on this advisory, refer to Fortinet's public advisory.",Fortinet,Fortiextender Firmware,7.8,HIGH,0.0029899999499320984,false,,false,false,false,,,false,false,,2022-02-02T10:58:37.000Z,0