cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2021-26113,https://securityvulnerability.io/vulnerability/CVE-2021-26113,Password Guessing Vulnerability in FortiWAN by Fortinet,"In FortiWAN versions before 4.5.9, a vulnerability exists due to the use of a one-way hash with a predictable salt. This could allow an attacker, who has previously obtained the password file, to potentially guess the stored passwords, compromising the security of the affected systems.",Fortinet,Fortinet Fortiwan,6.2,MEDIUM,0.0016799999866634607,false,,false,false,false,,,false,false,,2022-04-06T16:00:57.000Z,0
CVE-2021-32585,https://securityvulnerability.io/vulnerability/CVE-2021-32585,Stored Cross-Site Scripting Vulnerability in FortiWAN by Fortinet,"An input validation flaw in FortiWAN prior to version 4.5.9 allows attackers to inject malicious scripts into web pages through specially crafted HTTP requests. This vulnerability can lead to stored cross-site scripting attacks, compromising user data and overall web application security. Implementing proper input sanitization and updating to the latest version is essential to mitigate this risk.",Fortinet,Fortinet Fortiwan,7.2,HIGH,0.0017999999690800905,false,,false,false,false,,,false,false,,2022-04-06T16:00:40.000Z,0
CVE-2021-32593,https://securityvulnerability.io/vulnerability/CVE-2021-32593,Cryptographic Algorithm Vulnerability in FortiWAN by Fortinet,"A vulnerability in the Dynamic Tunnel Protocol of FortiWAN versions before 4.5.9 allows an unauthenticated remote attacker to exploit a broken cryptographic algorithm. This flaw can enable the attacker to decrypt and forge communications within the protocol, potentially compromising the integrity and confidentiality of the data being transmitted.",Fortinet,Fortinet Fortiwan,6.5,MEDIUM,0.001500000013038516,false,,false,false,false,,,false,false,,2022-04-06T09:15:31.000Z,0
CVE-2021-24009,https://securityvulnerability.io/vulnerability/CVE-2021-24009,Improper Input Validation in FortiWAN Web GUI Allows Command Execution,"Multiple instances of improper input validation in the Web GUI of FortiWAN before version 4.5.9 create vulnerabilities that allow an authenticated attacker to inject and execute arbitrary OS commands. This can be achieved through specially crafted HTTP requests that exploit these weaknesses, potentially compromising the underlying system.",Fortinet,Fortinet Fortiwan,7.2,HIGH,0.0010900000343099236,false,,false,false,false,,,false,false,,2022-04-06T09:15:26.000Z,0
CVE-2021-26114,https://securityvulnerability.io/vulnerability/CVE-2021-26114,SQL Injection Vulnerability in FortiWAN by Fortinet,"Multiple vulnerabilities in FortiWAN prior to version 4.5.9 enable an unauthenticated attacker to exploit improper neutralization of special elements in SQL commands. This could allow unauthorized command execution through specially crafted HTTP requests, posing significant security risks to affected systems.",Fortinet,Fortinet Fortiwan,9.8,CRITICAL,0.004660000093281269,false,,false,false,false,,,false,false,,2022-04-06T09:15:21.000Z,0
CVE-2021-26112,https://securityvulnerability.io/vulnerability/CVE-2021-26112,Stack-based Buffer Overflow in FortiWAN by Fortinet,"Multiple stack-based buffer overflow vulnerabilities exist in the network daemons and command line interpreter of FortiWAN prior to version 4.5.9. These vulnerabilities enable an unauthenticated attacker to craft specific requests that may lead to potential corruption of control data in memory, resulting in the execution of arbitrary code.",Fortinet,Fortinet Fortiwan,8.1,HIGH,0.0036299999337643385,false,,false,false,false,,,false,false,,2022-04-06T09:15:15.000Z,0