Fortinet Fortiwan
10 CVEs affecting Fortinet Fortiwan. Latest disclosed: 2024-12-19. Critical: 1, High: 5.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2021-26102 | Critical | 9.8 | 2024-12-19 | A relative path traversal vulnerability (CWE-23) in FortiWAN version 4.5.7 and below, 4.4 all versions may allow a remote non-authenticated attacker to delete… |
CVE-2016-4965 | High | 8.8 | 2016-09-21 | Fortinet FortiWan (formerly AscernLink) before 4.2.5 allows remote authenticated users with access to the nslookup functionality to execute arbitrary commands… |
CVE-2023-44252 | High | 8.6 | 2023-12-13 | ** UNSUPPORTED WHEN ASSIGNED **An improper authentication vulnerability [CWE-287] in Fortinet FortiWAN version 5.2.0 through 5.2.1 and version 5.1.1 through 5… |
CVE-2023-44251 | High | 8.1 | 2023-12-13 | ** UNSUPPORTED WHEN ASSIGNED **A improper limitation of a pathname to a restricted directory ('path traversal') vulnerability [CWE-22] in Fortinet FortiWAN ver… |
CVE-2022-33869 | High | 8.0 | 2023-02-16 | An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in the management interface of FortiWAN 4.0.0 through 4.5.9 may all… |
CVE-2021-26115 | High | 7.6 | 2024-12-19 | An OS command injection (CWE-78) vulnerability in FortiWAN version 4.5.7 and below Command Line Interface may allow a local, authenticated and unprivileged att… |
CVE-2016-4968 | Medium | 6.5 | 2016-09-21 | The linkreport/tmp/admin_global page in Fortinet FortiWan (formerly AscernLink) before 4.2.5 allows remote authenticated users to discover administrator cookie… |
CVE-2016-4967 | Medium | 6.5 | 2016-09-21 | Fortinet FortiWan (formerly AscernLink) before 4.2.5 allows remote authenticated users to obtain sensitive information from (1) a backup of the device configur… |
CVE-2016-4966 | Medium | 6.5 | 2016-09-21 | The diagnosis_control.php page in Fortinet FortiWan (formerly AscernLink) before 4.2.5 allows remote authenticated users to download PCAP files via vectors rel… |
CVE-2016-4969 | Medium | 6.1 | 2016-09-21 | Cross-site scripting (XSS) vulnerability in Fortinet FortiWan (formerly AscernLink) before 4.2.5 allows remote attackers to inject arbitrary web script or HTML… |