CVE-2021-26115
published 2024-12-19CVE-2021-26115: An OS command injection (CWE-78) vulnerability in FortiWAN version 4.5.7 and below Command Line Interface may allow a local, authenticated and unprivileged…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
An OS command injection (CWE-78) vulnerability in FortiWAN version 4.5.7 and below Command Line Interface may allow a local, authenticated and unprivileged attacker to escalate their privileges to root via executing a specially-crafted command.An OS command injection (CWE-78) vulnerability in FortiWAN Command Line Interface may allow a local, authenticated and unprivileged attacker to escalate their privileges to root via executing a specially-crafted command.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fortinet | fortiwan | < 4.5.8 | 4.5.8 |
| fortinet | fortiwan | — | — |
| fortinet | fortiwan | 4.0.0 – 4.0.6 | — |
| fortinet | fortiwan | 4.1.1 – 4.1.3 | — |
| fortinet | fortiwan | 4.2.1 – 4.2.2 | — |
| fortinet | fortiwan | 4.2.5 – 4.2.7 | — |
| fortinet | fortiwan | 4.3.0 – 4.3.1 | — |
| fortinet | fortiwan | 4.4.0 – 4.4.1 | — |
| fortinet | fortiwan | 4.5.0 – 4.5.7 | — |