Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An improper neutralization of special elements used in an OS Command vulnerability [CWE-78] in FortiAP-C console 5.4.0 through 5.4.3, 5.2.0 through 5.2.1 may allow an authenticated attacker to execute unauthorized commands by running CLI commands with specifically crafted arguments.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
N/A
Vulnerability Title
Fortinet FortiAP 操作系统命令注入漏洞
Vulnerability Description
Fortinet FortiAP是美国飞塔(Fortinet)公司的一款用于管理无线接入点设备的控制器。 Fortinet FortiAP-C 存在操作系统命令注入漏洞,该漏洞源于在FortiAP-C控制台中,使用的特殊元素缺少有效的转义和过滤,可能会允许经过身份验证的攻击者利用该漏洞通过运行带有特定参数的CLI命令来执行未经授权的命令。
CVSS Information
N/A
Vulnerability Type
N/A