FortiWAN - OS command injection leads to privilege escalation

CVE-2021-26115

6 Jul 2021

Summary

An OS command injection (CWE-78) vulnerability in FortiWAN Command Line Interface may allow a local, authenticated and unprivileged attacker to escalate their privileges to root via executing a specially-crafted command.

Affected Products

FortiWAN versions 4.5.7 and below.

Solutions

Please upgrade to FortiWAN version 4.5.8 or above.

Acknowledgement

Fortinet is pleased to thank Resecurity, Inc for bringing this issue to our attention under responsible disclosure.

Source: FortGuard Labs - Fortinet

CVE-2023-29414

Schneider Electric Accutech Manager (2.7 and prior) - Classic Buffer Overflow

11 Jul 2023

CVE-2018-4097

macOS High Sierra 10.13.2 Arbitrary Code Execution with Kernel Privileges

22 Jan 2018

Newsletter

Keep up to date with the latest cybersecurity news and developments.

By subscribing, I understand and agree that my personal data will be collected and processed according to the Privacy and Cookies Policy

Cloud Architecture

Resecurity

contact@resecurity.com

(+1) 888 273 82 76

445 S. Figueroa Street
Los Angeles, CA 90071

Google Maps

First Name *

Last Name *

Company *

Email Address *

Message *

Try Resecurity products today with a free trial

First Name *

Last Name *

Email Address *

Company *

Location