Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An improper access control in Fortinet FortiExtender 4.1.1 - 4.1.9, 4.2.0 - 4.2.6, 5.3.2, 7.0.0 - 7.0.4, 7.2.0 - 7.2.4 and 7.4.0 - 7.4.2 allows an attacker to create users with elevated privileges via a crafted HTTP request.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
访问控制不恰当
Vulnerability Title
Fortinet FortiExtender 访问控制错误漏洞
Vulnerability Description
Fortinet FortiExtender是美国飞塔(Fortinet)公司的一款无线WAN(广域网)扩展器设备。 Fortinet FortiExtender存在访问控制错误漏洞,该漏洞源于存在不当访问控制,允许攻击者通过精心设计的HTTP请求创建具有提升权限的用户。
CVSS Information
N/A
Vulnerability Type
N/A