Search criteria
14 vulnerabilities found for fortiextender_firmware by fortinet
CVE-2025-64153 (GCVE-0-2025-64153)
Vulnerability from nvd – Published: 2025-12-09 17:18 – Updated: 2026-01-14 09:17
VLAI?
Summary
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiExtender 7.6.0 through 7.6.3, FortiExtender 7.4.0 through 7.4.7, FortiExtender 7.2 all versions, FortiExtender 7.0 all versions may allow an authenticated attacker to execute unauthorized code or commands via a specific HTTP request.
Severity ?
CWE
- CWE-78 - Execute unauthorized code or commands
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | FortiExtender |
Affected:
7.6.0 , ≤ 7.6.3
(semver)
Affected: 7.4.0 , ≤ 7.4.7 (semver) Affected: 7.2.0 , ≤ 7.2.5 (semver) Affected: 7.0.0 , ≤ 7.0.5 (semver) cpe:2.3:a:fortinet:fortiextender:7.6.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.6.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.6.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.6.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-64153",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-09T20:21:16.823596Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-09T20:43:33.205Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortiextender:7.6.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.6.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.6.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.6.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiExtender",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.6.3",
"status": "affected",
"version": "7.6.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.4.7",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.5",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.5",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A improper neutralization of special elements used in an os command (\u0027os command injection\u0027) in Fortinet FortiExtender 7.6.0 through 7.6.3, FortiExtender 7.4.0 through 7.4.7, FortiExtender 7.2 all versions, FortiExtender 7.0 all versions may allow an authenticated attacker to execute unauthorized code or commands via a specific HTTP request."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-14T09:17:27.371Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-25-739",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-25-739"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to FortiExtender version 7.6.4 or above\nUpgrade to FortiExtender version 7.4.8 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2025-64153",
"datePublished": "2025-12-09T17:18:45.909Z",
"dateReserved": "2025-10-28T12:26:50.749Z",
"dateUpdated": "2026-01-14T09:17:27.371Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-46776 (GCVE-0-2025-46776)
Vulnerability from nvd – Published: 2025-11-18 17:01 – Updated: 2026-01-14 09:17
VLAI?
Summary
A buffer copy without checking size of input ('classic buffer overflow') vulnerability in Fortinet FortiExtender 7.6.0 through 7.6.1, FortiExtender 7.4.0 through 7.4.6, FortiExtender 7.2 all versions, FortiExtender 7.0 all versions may allow an authenticated user to execute arbitrary code or commands via crafted CLI commands.
Severity ?
CWE
- CWE-120 - Escalation of privilege
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | FortiExtender |
Affected:
7.6.0 , ≤ 7.6.1
(semver)
Affected: 7.4.0 , ≤ 7.4.6 (semver) Affected: 7.2.0 , ≤ 7.2.5 (semver) Affected: 7.0.0 , ≤ 7.0.5 (semver) cpe:2.3:a:fortinet:fortiextender:7.6.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.6.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-46776",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-18T18:33:55.201822Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-18T18:34:05.679Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortiextender:7.6.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.6.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiExtender",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.6.1",
"status": "affected",
"version": "7.6.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.4.6",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.5",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.5",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer copy without checking size of input (\u0027classic buffer overflow\u0027) vulnerability in Fortinet FortiExtender 7.6.0 through 7.6.1, FortiExtender 7.4.0 through 7.4.6, FortiExtender 7.2 all versions, FortiExtender 7.0 all versions may allow an authenticated user to execute arbitrary code or commands via crafted CLI commands."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:U/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "Escalation of privilege",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-14T09:17:05.351Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-25-251",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-25-251"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to FortiExtender version 7.6.3 or above\nUpgrade to FortiExtender version 7.4.8 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2025-46776",
"datePublished": "2025-11-18T17:01:17.437Z",
"dateReserved": "2025-04-29T08:42:13.449Z",
"dateUpdated": "2026-01-14T09:17:05.351Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-46775 (GCVE-0-2025-46775)
Vulnerability from nvd – Published: 2025-11-18 17:01 – Updated: 2026-01-14 09:15
VLAI?
Summary
A debug messages revealing unnecessary information vulnerability in Fortinet FortiExtender 7.6.0 through 7.6.1, FortiExtender 7.4.0 through 7.4.6, FortiExtender 7.2 all versions, FortiExtender 7.0 all versions may allow an authenticated user to obtain administrator credentials via debug log commands.
Severity ?
CWE
- CWE-1295 - Information disclosure
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | FortiExtender |
Affected:
7.6.0 , ≤ 7.6.1
(semver)
Affected: 7.4.0 , ≤ 7.4.6 (semver) Affected: 7.2.0 , ≤ 7.2.5 (semver) Affected: 7.0.0 , ≤ 7.0.5 (semver) cpe:2.3:a:fortinet:fortiextender:7.6.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.6.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-46775",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-18T18:33:30.741688Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-18T18:33:37.068Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortiextender:7.6.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.6.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiExtender",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.6.1",
"status": "affected",
"version": "7.6.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.4.6",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.5",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.5",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A debug messages revealing unnecessary information vulnerability in Fortinet FortiExtender 7.6.0 through 7.6.1, FortiExtender 7.4.0 through 7.4.6, FortiExtender 7.2 all versions, FortiExtender 7.0 all versions may allow an authenticated user to obtain administrator credentials via debug log commands."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:U/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1295",
"description": "Information disclosure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-14T09:15:50.464Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-25-259",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-25-259"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to FortiExtender version 7.6.3 or above\nUpgrade to FortiExtender version 7.4.8 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2025-46775",
"datePublished": "2025-11-18T17:01:17.364Z",
"dateReserved": "2025-04-29T08:42:13.449Z",
"dateUpdated": "2026-01-14T09:15:50.464Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-23663 (GCVE-0-2024-23663)
Vulnerability from nvd – Published: 2024-07-09 15:33 – Updated: 2024-08-01 23:06
VLAI?
Summary
An improper access control in Fortinet FortiExtender 4.1.1 - 4.1.9, 4.2.0 - 4.2.6, 5.3.2, 7.0.0 - 7.0.4, 7.2.0 - 7.2.4 and 7.4.0 - 7.4.2 allows an attacker to create users with elevated privileges via a crafted HTTP request.
Severity ?
CWE
- CWE-284 - Improper access control
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | FortiExtender |
Affected:
7.4.0 , ≤ 7.4.2
(semver)
Affected: 7.2.0 , ≤ 7.2.4 (semver) Affected: 7.0.0 , ≤ 7.0.4 (semver) |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:fortinet:fortiextender:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fortiextender",
"vendor": "fortinet",
"versions": [
{
"lessThan": "7.4.2",
"status": "affected",
"version": "7.4.0",
"versionType": "custom"
},
{
"lessThan": "7.2.4",
"status": "affected",
"version": "7.2.0",
"versionType": "custom"
},
{
"lessThan": "7.0.4",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23663",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-09T17:43:01.015107Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-09T17:44:51.463Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:06:25.354Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-459",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-459"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FortiExtender",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.4.2",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.4",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.4",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An improper access control in Fortinet FortiExtender 4.1.1 - 4.1.9, 4.2.0 - 4.2.6, 5.3.2, 7.0.0 - 7.0.4, 7.2.0 - 7.2.4 and 7.4.0 - 7.4.2 allows an attacker to create users with elevated privileges via a crafted HTTP request."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:X/RC:X",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper access control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-09T15:33:31.512Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-459",
"url": "https://fortiguard.com/psirt/FG-IR-23-459"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiExtender version 7.4.3 or above \nPlease upgrade to FortiExtender version 7.2.5 or above \nPlease upgrade to FortiExtender version 7.0.5 or above \n"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2024-23663",
"datePublished": "2024-07-09T15:33:31.512Z",
"dateReserved": "2024-01-19T08:23:28.612Z",
"dateUpdated": "2024-08-01T23:06:25.354Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-23447 (GCVE-0-2022-23447)
Vulnerability from nvd – Published: 2023-07-11 16:52 – Updated: 2024-10-23 14:25
VLAI?
Summary
An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability [CWE-22] in FortiExtender management interface 7.0.0 through 7.0.3, 4.2.0 through 4.2.4, 4.1.1 through 4.1.8, 4.0.0 through 4.0.2, 3.3.0 through 3.3.2, 3.2.1 through 3.2.3, 5.3 all versions may allow an unauthenticated and remote attacker to retrieve arbitrary files from the underlying filesystem via specially crafted web requests.
Severity ?
CWE
- CWE-22 - Information disclosure
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | FortiExtender |
Affected:
7.0.0 , ≤ 7.0.3
(semver)
Affected: 5.3.2 Affected: 4.2.0 , ≤ 4.2.4 (semver) Affected: 4.1.1 , ≤ 4.1.8 (semver) Affected: 4.0.0 , ≤ 4.0.2 (semver) Affected: 3.3.0 , ≤ 3.3.2 (semver) Affected: 3.2.1 , ≤ 3.2.3 (semver) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:43:46.110Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-22-039",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-039"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-23447",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T14:15:33.419696Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-23T14:25:28.182Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FortiExtender",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.0.3",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "5.3.2"
},
{
"lessThanOrEqual": "4.2.4",
"status": "affected",
"version": "4.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.1.8",
"status": "affected",
"version": "4.1.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.0.2",
"status": "affected",
"version": "4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "3.3.2",
"status": "affected",
"version": "3.3.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "3.2.3",
"status": "affected",
"version": "3.2.1",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An improper limitation of a pathname to a restricted directory (\u0027Path Traversal\u0027) vulnerability [CWE-22] in FortiExtender management interface 7.0.0 through 7.0.3, 4.2.0 through 4.2.4, 4.1.1 through 4.1.8, 4.0.0 through 4.0.2, 3.3.0 through 3.3.2, 3.2.1 through 3.2.3, 5.3 all versions may allow an unauthenticated and remote attacker to retrieve\u00a0arbitrary files from the underlying filesystem via specially crafted web requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:F/RL:U/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "Information disclosure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-11T16:52:42.353Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-22-039",
"url": "https://fortiguard.com/psirt/FG-IR-22-039"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiExtender version 7.2.0 or above Please upgrade to FortiExtender version 7.0.4 or above Please upgrade to FortiExtender version 4.2.5 or above Please upgrade to FortiExtender version 4.1.9 or above Please upgrade to FortiExtender version 4.0.3 or above Please upgrade to FortiExtender version 3.3.3 or above Please upgrade to FortiExtender version 3.2.4 or above "
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2022-23447",
"datePublished": "2023-07-11T16:52:42.353Z",
"dateReserved": "2022-01-19T07:38:03.514Z",
"dateUpdated": "2024-10-23T14:25:28.182Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-27489 (GCVE-0-2022-27489)
Vulnerability from nvd – Published: 2023-02-16 18:06 – Updated: 2024-10-23 14:46
VLAI?
Summary
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiExtender 7.0.0 through 7.0.3, 5.3.2, 4.2.4 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests.
Severity ?
CWE
- CWE-78 - Execute unauthorized code or commands
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | FortiExtender |
Affected:
7.0.0 , ≤ 7.0.3
(semver)
Affected: 5.3.2 Affected: 4.2.0 , ≤ 4.2.4 (semver) Affected: 4.1.1 , ≤ 4.1.8 (semver) Affected: 4.0.0 , ≤ 4.0.2 (semver) Affected: 3.3.0 , ≤ 3.3.2 (semver) Affected: 3.2.1 , ≤ 3.2.3 (semver) Affected: 3.1.0 , ≤ 3.1.2 (semver) Affected: 3.0.0 , ≤ 3.0.2 (semver) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:32:57.924Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-22-048",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-048"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-27489",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T14:11:42.419938Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-23T14:46:25.263Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FortiExtender",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.0.3",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "5.3.2"
},
{
"lessThanOrEqual": "4.2.4",
"status": "affected",
"version": "4.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.1.8",
"status": "affected",
"version": "4.1.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.0.2",
"status": "affected",
"version": "4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "3.3.2",
"status": "affected",
"version": "3.3.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "3.2.3",
"status": "affected",
"version": "3.2.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "3.1.2",
"status": "affected",
"version": "3.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "3.0.2",
"status": "affected",
"version": "3.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A improper neutralization of special elements used in an os command (\u0027os command injection\u0027) in Fortinet FortiExtender 7.0.0 through 7.0.3, 5.3.2, 4.2.4 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:U/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-16T18:06:40.150Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-22-048",
"url": "https://fortiguard.com/psirt/FG-IR-22-048"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to FortiExtender version 7.2.0 and above\r\nUpgrade to FortiExtender version 7.0.4 and above\r\nUpgrade to FortiExtender upcoming version 4.2.5 and above\r\nUpgrade to FortiExtender upcoming version 4.1.9 and above\r\nUpgrade to FortiExtender upcoming version 4.0.3 and above\r\nUpgrade to FortiExtender version 3.3.3 and above\r\nUpgrade to FortiExtender version 3.2.4 and above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2022-27489",
"datePublished": "2023-02-16T18:06:40.150Z",
"dateReserved": "2022-03-21T16:03:48.575Z",
"dateUpdated": "2024-10-23T14:46:25.263Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-41016 (GCVE-0-2021-41016)
Vulnerability from nvd – Published: 2022-02-02 10:58 – Updated: 2024-10-25 13:36
VLAI?
Summary
A improper neutralization of special elements used in a command ('command injection') in Fortinet FortiExtender version 7.0.1 and below, 4.2.3 and below, 4.1.7 and below allows an authenticated attacker to execute privileged shell commands via CLI commands including special characters
Severity ?
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:59:31.059Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://fortiguard.com/advisory/FG-IR-21-148"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-41016",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T14:12:59.113972Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T13:36:06.405Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A improper neutralization of special elements used in a command (\u0027command injection\u0027) in Fortinet FortiExtender version 7.0.1 and below, 4.2.3 and below, 4.1.7 and below allows an authenticated attacker to execute privileged shell commands via CLI commands including special characters"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitCodeMaturity": "PROOF_OF_CONCEPT",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "CONFIRMED",
"scope": "UNCHANGED",
"temporalScore": 7.4,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-02T10:58:37",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://fortiguard.com/advisory/FG-IR-21-148"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@fortinet.com",
"ID": "CVE-2021-41016",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A improper neutralization of special elements used in a command (\u0027command injection\u0027) in Fortinet FortiExtender version 7.0.1 and below, 4.2.3 and below, 4.1.7 and below allows an authenticated attacker to execute privileged shell commands via CLI commands including special characters"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.4,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"userInteraction": "None",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:C",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fortiguard.com/advisory/FG-IR-21-148",
"refsource": "CONFIRM",
"url": "https://fortiguard.com/advisory/FG-IR-21-148"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2021-41016",
"datePublished": "2022-02-02T10:58:37",
"dateReserved": "2021-09-13T00:00:00",
"dateUpdated": "2024-10-25T13:36:06.405Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-64153 (GCVE-0-2025-64153)
Vulnerability from cvelistv5 – Published: 2025-12-09 17:18 – Updated: 2026-01-14 09:17
VLAI?
Summary
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiExtender 7.6.0 through 7.6.3, FortiExtender 7.4.0 through 7.4.7, FortiExtender 7.2 all versions, FortiExtender 7.0 all versions may allow an authenticated attacker to execute unauthorized code or commands via a specific HTTP request.
Severity ?
CWE
- CWE-78 - Execute unauthorized code or commands
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | FortiExtender |
Affected:
7.6.0 , ≤ 7.6.3
(semver)
Affected: 7.4.0 , ≤ 7.4.7 (semver) Affected: 7.2.0 , ≤ 7.2.5 (semver) Affected: 7.0.0 , ≤ 7.0.5 (semver) cpe:2.3:a:fortinet:fortiextender:7.6.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.6.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.6.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.6.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-64153",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-09T20:21:16.823596Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-09T20:43:33.205Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortiextender:7.6.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.6.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.6.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.6.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiExtender",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.6.3",
"status": "affected",
"version": "7.6.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.4.7",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.5",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.5",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A improper neutralization of special elements used in an os command (\u0027os command injection\u0027) in Fortinet FortiExtender 7.6.0 through 7.6.3, FortiExtender 7.4.0 through 7.4.7, FortiExtender 7.2 all versions, FortiExtender 7.0 all versions may allow an authenticated attacker to execute unauthorized code or commands via a specific HTTP request."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-14T09:17:27.371Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-25-739",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-25-739"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to FortiExtender version 7.6.4 or above\nUpgrade to FortiExtender version 7.4.8 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2025-64153",
"datePublished": "2025-12-09T17:18:45.909Z",
"dateReserved": "2025-10-28T12:26:50.749Z",
"dateUpdated": "2026-01-14T09:17:27.371Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-46776 (GCVE-0-2025-46776)
Vulnerability from cvelistv5 – Published: 2025-11-18 17:01 – Updated: 2026-01-14 09:17
VLAI?
Summary
A buffer copy without checking size of input ('classic buffer overflow') vulnerability in Fortinet FortiExtender 7.6.0 through 7.6.1, FortiExtender 7.4.0 through 7.4.6, FortiExtender 7.2 all versions, FortiExtender 7.0 all versions may allow an authenticated user to execute arbitrary code or commands via crafted CLI commands.
Severity ?
CWE
- CWE-120 - Escalation of privilege
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | FortiExtender |
Affected:
7.6.0 , ≤ 7.6.1
(semver)
Affected: 7.4.0 , ≤ 7.4.6 (semver) Affected: 7.2.0 , ≤ 7.2.5 (semver) Affected: 7.0.0 , ≤ 7.0.5 (semver) cpe:2.3:a:fortinet:fortiextender:7.6.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.6.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-46776",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-18T18:33:55.201822Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-18T18:34:05.679Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortiextender:7.6.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.6.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiExtender",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.6.1",
"status": "affected",
"version": "7.6.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.4.6",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.5",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.5",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer copy without checking size of input (\u0027classic buffer overflow\u0027) vulnerability in Fortinet FortiExtender 7.6.0 through 7.6.1, FortiExtender 7.4.0 through 7.4.6, FortiExtender 7.2 all versions, FortiExtender 7.0 all versions may allow an authenticated user to execute arbitrary code or commands via crafted CLI commands."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:U/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "Escalation of privilege",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-14T09:17:05.351Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-25-251",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-25-251"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to FortiExtender version 7.6.3 or above\nUpgrade to FortiExtender version 7.4.8 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2025-46776",
"datePublished": "2025-11-18T17:01:17.437Z",
"dateReserved": "2025-04-29T08:42:13.449Z",
"dateUpdated": "2026-01-14T09:17:05.351Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-46775 (GCVE-0-2025-46775)
Vulnerability from cvelistv5 – Published: 2025-11-18 17:01 – Updated: 2026-01-14 09:15
VLAI?
Summary
A debug messages revealing unnecessary information vulnerability in Fortinet FortiExtender 7.6.0 through 7.6.1, FortiExtender 7.4.0 through 7.4.6, FortiExtender 7.2 all versions, FortiExtender 7.0 all versions may allow an authenticated user to obtain administrator credentials via debug log commands.
Severity ?
CWE
- CWE-1295 - Information disclosure
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | FortiExtender |
Affected:
7.6.0 , ≤ 7.6.1
(semver)
Affected: 7.4.0 , ≤ 7.4.6 (semver) Affected: 7.2.0 , ≤ 7.2.5 (semver) Affected: 7.0.0 , ≤ 7.0.5 (semver) cpe:2.3:a:fortinet:fortiextender:7.6.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.6.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-46775",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-18T18:33:30.741688Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-18T18:33:37.068Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortiextender:7.6.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.6.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiExtender",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.6.1",
"status": "affected",
"version": "7.6.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.4.6",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.5",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.5",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A debug messages revealing unnecessary information vulnerability in Fortinet FortiExtender 7.6.0 through 7.6.1, FortiExtender 7.4.0 through 7.4.6, FortiExtender 7.2 all versions, FortiExtender 7.0 all versions may allow an authenticated user to obtain administrator credentials via debug log commands."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:U/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1295",
"description": "Information disclosure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-14T09:15:50.464Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-25-259",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-25-259"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to FortiExtender version 7.6.3 or above\nUpgrade to FortiExtender version 7.4.8 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2025-46775",
"datePublished": "2025-11-18T17:01:17.364Z",
"dateReserved": "2025-04-29T08:42:13.449Z",
"dateUpdated": "2026-01-14T09:15:50.464Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-23663 (GCVE-0-2024-23663)
Vulnerability from cvelistv5 – Published: 2024-07-09 15:33 – Updated: 2024-08-01 23:06
VLAI?
Summary
An improper access control in Fortinet FortiExtender 4.1.1 - 4.1.9, 4.2.0 - 4.2.6, 5.3.2, 7.0.0 - 7.0.4, 7.2.0 - 7.2.4 and 7.4.0 - 7.4.2 allows an attacker to create users with elevated privileges via a crafted HTTP request.
Severity ?
CWE
- CWE-284 - Improper access control
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | FortiExtender |
Affected:
7.4.0 , ≤ 7.4.2
(semver)
Affected: 7.2.0 , ≤ 7.2.4 (semver) Affected: 7.0.0 , ≤ 7.0.4 (semver) |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:fortinet:fortiextender:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fortiextender",
"vendor": "fortinet",
"versions": [
{
"lessThan": "7.4.2",
"status": "affected",
"version": "7.4.0",
"versionType": "custom"
},
{
"lessThan": "7.2.4",
"status": "affected",
"version": "7.2.0",
"versionType": "custom"
},
{
"lessThan": "7.0.4",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23663",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-09T17:43:01.015107Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-09T17:44:51.463Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:06:25.354Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-459",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-459"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FortiExtender",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.4.2",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.4",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.4",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An improper access control in Fortinet FortiExtender 4.1.1 - 4.1.9, 4.2.0 - 4.2.6, 5.3.2, 7.0.0 - 7.0.4, 7.2.0 - 7.2.4 and 7.4.0 - 7.4.2 allows an attacker to create users with elevated privileges via a crafted HTTP request."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:X/RC:X",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper access control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-09T15:33:31.512Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-459",
"url": "https://fortiguard.com/psirt/FG-IR-23-459"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiExtender version 7.4.3 or above \nPlease upgrade to FortiExtender version 7.2.5 or above \nPlease upgrade to FortiExtender version 7.0.5 or above \n"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2024-23663",
"datePublished": "2024-07-09T15:33:31.512Z",
"dateReserved": "2024-01-19T08:23:28.612Z",
"dateUpdated": "2024-08-01T23:06:25.354Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-23447 (GCVE-0-2022-23447)
Vulnerability from cvelistv5 – Published: 2023-07-11 16:52 – Updated: 2024-10-23 14:25
VLAI?
Summary
An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability [CWE-22] in FortiExtender management interface 7.0.0 through 7.0.3, 4.2.0 through 4.2.4, 4.1.1 through 4.1.8, 4.0.0 through 4.0.2, 3.3.0 through 3.3.2, 3.2.1 through 3.2.3, 5.3 all versions may allow an unauthenticated and remote attacker to retrieve arbitrary files from the underlying filesystem via specially crafted web requests.
Severity ?
CWE
- CWE-22 - Information disclosure
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | FortiExtender |
Affected:
7.0.0 , ≤ 7.0.3
(semver)
Affected: 5.3.2 Affected: 4.2.0 , ≤ 4.2.4 (semver) Affected: 4.1.1 , ≤ 4.1.8 (semver) Affected: 4.0.0 , ≤ 4.0.2 (semver) Affected: 3.3.0 , ≤ 3.3.2 (semver) Affected: 3.2.1 , ≤ 3.2.3 (semver) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:43:46.110Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-22-039",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-039"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-23447",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T14:15:33.419696Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-23T14:25:28.182Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FortiExtender",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.0.3",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "5.3.2"
},
{
"lessThanOrEqual": "4.2.4",
"status": "affected",
"version": "4.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.1.8",
"status": "affected",
"version": "4.1.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.0.2",
"status": "affected",
"version": "4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "3.3.2",
"status": "affected",
"version": "3.3.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "3.2.3",
"status": "affected",
"version": "3.2.1",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An improper limitation of a pathname to a restricted directory (\u0027Path Traversal\u0027) vulnerability [CWE-22] in FortiExtender management interface 7.0.0 through 7.0.3, 4.2.0 through 4.2.4, 4.1.1 through 4.1.8, 4.0.0 through 4.0.2, 3.3.0 through 3.3.2, 3.2.1 through 3.2.3, 5.3 all versions may allow an unauthenticated and remote attacker to retrieve\u00a0arbitrary files from the underlying filesystem via specially crafted web requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:F/RL:U/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "Information disclosure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-11T16:52:42.353Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-22-039",
"url": "https://fortiguard.com/psirt/FG-IR-22-039"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiExtender version 7.2.0 or above Please upgrade to FortiExtender version 7.0.4 or above Please upgrade to FortiExtender version 4.2.5 or above Please upgrade to FortiExtender version 4.1.9 or above Please upgrade to FortiExtender version 4.0.3 or above Please upgrade to FortiExtender version 3.3.3 or above Please upgrade to FortiExtender version 3.2.4 or above "
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2022-23447",
"datePublished": "2023-07-11T16:52:42.353Z",
"dateReserved": "2022-01-19T07:38:03.514Z",
"dateUpdated": "2024-10-23T14:25:28.182Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-27489 (GCVE-0-2022-27489)
Vulnerability from cvelistv5 – Published: 2023-02-16 18:06 – Updated: 2024-10-23 14:46
VLAI?
Summary
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiExtender 7.0.0 through 7.0.3, 5.3.2, 4.2.4 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests.
Severity ?
CWE
- CWE-78 - Execute unauthorized code or commands
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | FortiExtender |
Affected:
7.0.0 , ≤ 7.0.3
(semver)
Affected: 5.3.2 Affected: 4.2.0 , ≤ 4.2.4 (semver) Affected: 4.1.1 , ≤ 4.1.8 (semver) Affected: 4.0.0 , ≤ 4.0.2 (semver) Affected: 3.3.0 , ≤ 3.3.2 (semver) Affected: 3.2.1 , ≤ 3.2.3 (semver) Affected: 3.1.0 , ≤ 3.1.2 (semver) Affected: 3.0.0 , ≤ 3.0.2 (semver) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:32:57.924Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-22-048",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-048"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-27489",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T14:11:42.419938Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-23T14:46:25.263Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FortiExtender",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.0.3",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "5.3.2"
},
{
"lessThanOrEqual": "4.2.4",
"status": "affected",
"version": "4.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.1.8",
"status": "affected",
"version": "4.1.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.0.2",
"status": "affected",
"version": "4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "3.3.2",
"status": "affected",
"version": "3.3.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "3.2.3",
"status": "affected",
"version": "3.2.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "3.1.2",
"status": "affected",
"version": "3.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "3.0.2",
"status": "affected",
"version": "3.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A improper neutralization of special elements used in an os command (\u0027os command injection\u0027) in Fortinet FortiExtender 7.0.0 through 7.0.3, 5.3.2, 4.2.4 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:U/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-16T18:06:40.150Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-22-048",
"url": "https://fortiguard.com/psirt/FG-IR-22-048"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to FortiExtender version 7.2.0 and above\r\nUpgrade to FortiExtender version 7.0.4 and above\r\nUpgrade to FortiExtender upcoming version 4.2.5 and above\r\nUpgrade to FortiExtender upcoming version 4.1.9 and above\r\nUpgrade to FortiExtender upcoming version 4.0.3 and above\r\nUpgrade to FortiExtender version 3.3.3 and above\r\nUpgrade to FortiExtender version 3.2.4 and above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2022-27489",
"datePublished": "2023-02-16T18:06:40.150Z",
"dateReserved": "2022-03-21T16:03:48.575Z",
"dateUpdated": "2024-10-23T14:46:25.263Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-41016 (GCVE-0-2021-41016)
Vulnerability from cvelistv5 – Published: 2022-02-02 10:58 – Updated: 2024-10-25 13:36
VLAI?
Summary
A improper neutralization of special elements used in a command ('command injection') in Fortinet FortiExtender version 7.0.1 and below, 4.2.3 and below, 4.1.7 and below allows an authenticated attacker to execute privileged shell commands via CLI commands including special characters
Severity ?
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:59:31.059Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://fortiguard.com/advisory/FG-IR-21-148"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-41016",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T14:12:59.113972Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T13:36:06.405Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A improper neutralization of special elements used in a command (\u0027command injection\u0027) in Fortinet FortiExtender version 7.0.1 and below, 4.2.3 and below, 4.1.7 and below allows an authenticated attacker to execute privileged shell commands via CLI commands including special characters"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitCodeMaturity": "PROOF_OF_CONCEPT",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "CONFIRMED",
"scope": "UNCHANGED",
"temporalScore": 7.4,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-02T10:58:37",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://fortiguard.com/advisory/FG-IR-21-148"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@fortinet.com",
"ID": "CVE-2021-41016",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A improper neutralization of special elements used in a command (\u0027command injection\u0027) in Fortinet FortiExtender version 7.0.1 and below, 4.2.3 and below, 4.1.7 and below allows an authenticated attacker to execute privileged shell commands via CLI commands including special characters"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.4,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"userInteraction": "None",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:C",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fortiguard.com/advisory/FG-IR-21-148",
"refsource": "CONFIRM",
"url": "https://fortiguard.com/advisory/FG-IR-21-148"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2021-41016",
"datePublished": "2022-02-02T10:58:37",
"dateReserved": "2021-09-13T00:00:00",
"dateUpdated": "2024-10-25T13:36:06.405Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}