CVE-2017-7341
published 2017-10-26CVE-2017-7341: An OS Command Injection vulnerability in Fortinet FortiWLC 6.1-2 through 6.1-5, 7.0-7 through 7.0-10, 8.0 through 8.2, and 8.3.0 through 8.3.2 file management…
high7.2CVSS 3.0
AVNACLPRHUINSUCHIHAH
An OS Command Injection vulnerability in Fortinet FortiWLC 6.1-2 through 6.1-5, 7.0-7 through 7.0-10, 8.0 through 8.2, and 8.3.0 through 8.3.2 file management AP script download webUI page allows an authenticated admin user to execute arbitrary system console commands via crafted HTTP requests.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fortinet | fortinet | — | — |
| fortinet | fortiwlc | — | — |
| fortinet | fortiwlc | 6.1-2 – 6.1-5 | — |
| fortinet | fortiwlc | 7.0-7 – 7.0-10 | — |
| fortinet | fortiwlc | 8.0 – 8.2 | — |
| fortinet | fortiwlc | 8.3.0 – 8.3.2 | — |