CVE-2021-42758
published 2021-12-08CVE-2021-42758: An improper access control vulnerability [CWE-284] in FortiWLC 8.6.1 and below may allow an authenticated and remote attacker with low privileges to execute…
high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
An improper access control vulnerability [CWE-284] in FortiWLC 8.6.1 and below may allow an authenticated and remote attacker with low privileges to execute any command as an admin user with full access rights via bypassing the GUI restrictions.
Affected
19 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fortinet | fortinet_fortiwlc | — | — |
| fortinet | fortiwlc | — | — |
| fortinet | fortiwlc | — | — |
| fortinet | fortiwlc | — | — |
| fortinet | fortiwlc | — | — |
| fortinet | fortiwlc | — | — |
| fortinet | fortiwlc | — | — |
| fortinet | fortiwlc | — | — |
| fortinet | fortiwlc | — | — |
| fortinet | fortiwlc | — | — |
| fortinet | fortiwlc | — | — |
| fortinet | fortiwlc | — | — |
| fortinet | fortiwlc | — | — |
| fortinet | fortiwlc | — | — |
| fortinet | fortiwlc | — | — |
| fortinet | fortiwlc | — | — |
| fortinet | fortiwlc | 8.2.4 – 8.2.7 | — |
| fortinet | fortiwlc | 8.3.0 – 8.3.3 | — |
| fortinet | fortiwlc | 8.5.0 – 8.5.5 | — |