An improper input validation in FortiAP-S/W2 6.2.0 to 6.2.2, 6.0.5 and below, FortiAP-U 6.0.1 and below CLI admin console may allow unauthorized administrators to overwrite system files via specially crafted tcpdump commands in the CLI.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:HFortinet Fortiap S
OSFortinet≤ 6.0.56.2.0 – 6.2.2Fortinet Fortiap U
HWFortinet≤ 6.0.1Fortinet Fortiap W2
OSFortinet≤ 6.0.56.2.0 – 6.2.2
Related vulnerabilities
An incomplete filtering of one or more instances of special elements vulnerability [CWE-792] in the command li...
An improper neutralization of special elements [CWE-89] used in an OS command vulnerability [CWE-78] in the co...
A path traversal vulnerability [CWE-22] in FortiAP-U CLI 6.2.0 through 6.2.3, 6.0.0 through 6.0.4, 5.4.0 throu...
An improper neutralization of special elements used in an OS Command vulnerability in FortiAP's console 6.4.1 ...
An Uncontrolled Resource Consumption vulnerability in Fortinet FortiSwitch below 3.6.11, 6.0.6 and 6.2.2, Fort...