Vulnerabilities (CVE)

Filtered by vendor Fortinet Subscribe
Filtered by product Fortiap-u
Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-36634 1 Fortinet 1 Fortiap-u 2024-11-21 N/A 7.1 HIGH
An incomplete filtering of one or more instances of special elements vulnerability [CWE-792] in the command line interpreter of FortiAP-U 7.0.0, 6.2.0 through 6.2.5, 6.0 all versions, 5.4 all versions may allow an authenticated attacker to list and delete arbitrary files and directory via specially crafted command arguments.
CVE-2023-25608 1 Fortinet 4 Fortiap, Fortiap-c, Fortiap-u and 1 more 2024-11-21 N/A 5.5 MEDIUM
An incomplete filtering of one or more instances of special elements vulnerability [CWE-792] in the command line interpreter of FortiAP-W2 7.2.0 through 7.2.1, 7.0.3 through 7.0.5, 7.0.0 through 7.0.1, 6.4 all versions, 6.2 all versions, 6.0 all versions; FortiAP-C 5.4.0 through 5.4.4, 5.2 all versions; FortiAP 7.2.0 through 7.2.1, 7.0.0 through 7.0.5, 6.4 all versions, 6.0 all versions; FortiAP-U 7.0.0, 6.2.0 through 6.2.5, 6.0 all versions, 5.4 all versions may allow an authenticated attacker to read arbitrary files via specially crafted command arguments.
CVE-2022-30301 1 Fortinet 1 Fortiap-u 2024-11-21 N/A 7.8 HIGH
A path traversal vulnerability [CWE-22] in FortiAP-U CLI 6.2.0 through 6.2.3, 6.0.0 through 6.0.4, 5.4.0 through 5.4.6 may allow an admin user to delete and access unauthorized files and data via specifically crafted CLI commands.
CVE-2022-29058 1 Fortinet 4 Fortiap, Fortiap-s, Fortiap-u and 1 more 2024-11-21 N/A 7.8 HIGH
An improper neutralization of special elements [CWE-89] used in an OS command vulnerability [CWE-78] in the command line interpreter of FortiAP 6.0.0 through 6.4.7, 7.0.0 through 7.0.3, 7.2.0, FortiAP-S 6.0.0 through 6.4.7, FortiAP-W2 6.0.0 through 6.4.7, 7.0.0 through 7.0.3, 7.2.0 and FortiAP-U 5.4.0 through 6.2.3 may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to existing commands.
CVE-2019-15709 1 Fortinet 3 Fortiap-s, Fortiap-u, Fortiap-w2 2024-11-21 8.5 HIGH 6.5 MEDIUM
An improper input validation in FortiAP-S/W2 6.2.0 to 6.2.2, 6.0.5 and below, FortiAP-U 6.0.1 and below CLI admin console may allow unauthorized administrators to overwrite system files via specially crafted tcpdump commands in the CLI.
CVE-2019-15708 1 Fortinet 4 Fortiap, Fortiap-s, Fortiap-u and 1 more 2024-11-21 7.2 HIGH 6.7 MEDIUM
A system command injection vulnerability in the FortiAP-S/W2 6.2.1, 6.2.0, 6.0.5 and below, FortiAP 6.0.5 and below and FortiAP-U below 6.0.0 under CLI admin console may allow unauthorized administrators to run arbitrary system level commands via specially crafted ifconfig commands.