Vulnerabilities for 'Fortiwlc'

2021-12-08
 
CVE-2021-42758

CWE-863
 

 
An improper access control vulnerability [CWE-284] in FortiWLC 8.6.1 and below may allow an authenticated and remote attacker with low privileges to execute any command as an admin user with full access rights via bypassing the GUI restrictions.

 
2020-06-22
 
CVE-2020-9288

CWE-79
 

 
An improper neutralization of input vulnerability in FortiWLC 8.5.1 allows a remote authenticated attacker to perform a stored cross-site scripting (XSS) attack via the ESS profile or the Radius Profile.

 
2017-10-26
 
CVE-2017-7341

CWE-78
 

 
An OS Command Injection vulnerability in Fortinet FortiWLC 6.1-2 through 6.1-5, 7.0-7 through 7.0-10, 8.0 through 8.2, and 8.3.0 through 8.3.2 file management AP script download webUI page allows an authenticated admin user to execute arbitrary system console commands via crafted HTTP requests.

 
 
CVE-2017-7335

CWE-79
 

 
A Cross-Site Scripting (XSS) vulnerability in Fortinet FortiWLC 6.1-x (6.1-2, 6.1-4 and 6.1-5); 7.0-x (7.0-7, 7.0-8, 7.0-9, 7.0-10); and 8.x (8.0, 8.1, 8.2 and 8.3.0-8.3.2) allows an authenticated user to inject arbitrary web script or HTML via non-sanitized parameters "refresh" and "branchtotable" present in HTTP POST requests.

 
2017-02-01
 
CVE-2016-8491

 

 
The presence of a hardcoded account named 'core' in Fortinet FortiWLC allows attackers to gain unauthorized read/write access via a remote shell.

 
2016-10-05
 
CVE-2016-7561

 

 
Fortinet FortiWLC 6.1-2-29 and earlier, 7.0-9-1, 7.0-10-0, 8.0-5-0, 8.1-2-0, and 8.2-4-0 allow administrators to obtain sensitive user credentials by reading the pam.log file.

 
 
CVE-2016-7560

 

 
The rsyncd server in Fortinet FortiWLC 6.1-2-29 and earlier, 7.0-9-1, 7.0-10-0, 8.0-5-0, 8.1-2-0, and 8.2-4-0 has a hardcoded rsync account, which allows remote attackers to read or write to arbitrary files via unspecified vectors.

 



Copyright 2024, cxsecurity.com

 
