Vulnerability CVE-2019-15709
Published: 2020-06-01

Description:
An improper input validation in FortiAP-S/W2 6.2.0 to 6.2.2, 6.0.5 and below, FortiAP-U 6.0.1 and below CLI admin console may allow unauthorized administrators to overwrite system files via specially crafted tcpdump commands in the CLI.

Type:

CWE-20

 (Improper Input Validation)

CVSS2 => (AV:N/AC:L/Au:S/C:N/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
8.5/10
9.2/10
8/10
Exploit range
Attack complexity
Authentication
Remote
Low
Single time
Confidentiality impact
Integrity impact
Availability impact
None
Complete
Complete

 References:
https://fortiguard.com/psirt/FG-IR-19-298
Copyright 2024, cxsecurity.com

 

Back to Top