CVE-2016-4965
published 2016-09-21CVE-2016-4965: Fortinet FortiWan (formerly AscernLink) before 4.2.5 allows remote authenticated users with access to the nslookup functionality to execute arbitrary commands…
high8.8CVSS 3.0
AVNACLPRLUINSUCHIHAH
Fortinet FortiWan (formerly AscernLink) before 4.2.5 allows remote authenticated users with access to the nslookup functionality to execute arbitrary commands with root privileges via the graph parameter to diagnosis_control.php.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fortinet | fortiwan | <= 4.2.4 | — |