Search
Find a vulnerability
Search criteria
14 vulnerabilities found for fortiextender_firmware by fortinet
CVE-2025-64153 (GCVE-0-2025-64153)
Vulnerability from nvd – Published: 2025-12-09 17:18 – Updated: 2026-01-14 09:17
VLAI
EPSS
VEX
Summary
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiExtender 7.6.0 through 7.6.3, FortiExtender 7.4.0 through 7.4.7, FortiExtender 7.2 all versions, FortiExtender 7.0 all versions may allow an authenticated attacker to execute unauthorized code or commands via a specific HTTP request.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-78 - Execute unauthorized code or commands
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiExtender |
Affected:
7.6.0 , ≤ 7.6.3
(semver)
Affected: 7.4.0 , ≤ 7.4.7 (semver) Affected: 7.2.0 , ≤ 7.2.5 (semver) Affected: 7.0.0 , ≤ 7.0.5 (semver) cpe:2.3:a:fortinet:fortiextender:7.6.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.6.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.6.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.6.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-64153",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-09T20:21:16.823596Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-09T20:43:33.205Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortiextender:7.6.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.6.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.6.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.6.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiExtender",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.6.3",
"status": "affected",
"version": "7.6.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.4.7",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.5",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.5",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A improper neutralization of special elements used in an os command (\u0027os command injection\u0027) in Fortinet FortiExtender 7.6.0 through 7.6.3, FortiExtender 7.4.0 through 7.4.7, FortiExtender 7.2 all versions, FortiExtender 7.0 all versions may allow an authenticated attacker to execute unauthorized code or commands via a specific HTTP request."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-14T09:17:27.371Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-25-739",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-25-739"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to FortiExtender version 7.6.4 or above\nUpgrade to FortiExtender version 7.4.8 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2025-64153",
"datePublished": "2025-12-09T17:18:45.909Z",
"dateReserved": "2025-10-28T12:26:50.749Z",
"dateUpdated": "2026-01-14T09:17:27.371Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-46776 (GCVE-0-2025-46776)
Vulnerability from nvd – Published: 2025-11-18 17:01 – Updated: 2026-01-14 09:17
VLAI
EPSS
VEX
Summary
A buffer copy without checking size of input ('classic buffer overflow') vulnerability in Fortinet FortiExtender 7.6.0 through 7.6.1, FortiExtender 7.4.0 through 7.4.6, FortiExtender 7.2 all versions, FortiExtender 7.0 all versions may allow an authenticated user to execute arbitrary code or commands via crafted CLI commands.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-120 - Escalation of privilege
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiExtender |
Affected:
7.6.0 , ≤ 7.6.1
(semver)
Affected: 7.4.0 , ≤ 7.4.6 (semver) Affected: 7.2.0 , ≤ 7.2.5 (semver) Affected: 7.0.0 , ≤ 7.0.5 (semver) cpe:2.3:a:fortinet:fortiextender:7.6.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.6.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-46776",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-18T18:33:55.201822Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-18T18:34:05.679Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortiextender:7.6.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.6.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiExtender",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.6.1",
"status": "affected",
"version": "7.6.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.4.6",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.5",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.5",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer copy without checking size of input (\u0027classic buffer overflow\u0027) vulnerability in Fortinet FortiExtender 7.6.0 through 7.6.1, FortiExtender 7.4.0 through 7.4.6, FortiExtender 7.2 all versions, FortiExtender 7.0 all versions may allow an authenticated user to execute arbitrary code or commands via crafted CLI commands."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:U/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "Escalation of privilege",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-14T09:17:05.351Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-25-251",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-25-251"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to FortiExtender version 7.6.3 or above\nUpgrade to FortiExtender version 7.4.8 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2025-46776",
"datePublished": "2025-11-18T17:01:17.437Z",
"dateReserved": "2025-04-29T08:42:13.449Z",
"dateUpdated": "2026-01-14T09:17:05.351Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-46775 (GCVE-0-2025-46775)
Vulnerability from nvd – Published: 2025-11-18 17:01 – Updated: 2026-01-14 09:15
VLAI
EPSS
VEX
Summary
A debug messages revealing unnecessary information vulnerability in Fortinet FortiExtender 7.6.0 through 7.6.1, FortiExtender 7.4.0 through 7.4.6, FortiExtender 7.2 all versions, FortiExtender 7.0 all versions may allow an authenticated user to obtain administrator credentials via debug log commands.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-1295 - Information disclosure
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiExtender |
Affected:
7.6.0 , ≤ 7.6.1
(semver)
Affected: 7.4.0 , ≤ 7.4.6 (semver) Affected: 7.2.0 , ≤ 7.2.5 (semver) Affected: 7.0.0 , ≤ 7.0.5 (semver) cpe:2.3:a:fortinet:fortiextender:7.6.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.6.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-46775",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-18T18:33:30.741688Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-18T18:33:37.068Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortiextender:7.6.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.6.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiExtender",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.6.1",
"status": "affected",
"version": "7.6.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.4.6",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.5",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.5",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A debug messages revealing unnecessary information vulnerability in Fortinet FortiExtender 7.6.0 through 7.6.1, FortiExtender 7.4.0 through 7.4.6, FortiExtender 7.2 all versions, FortiExtender 7.0 all versions may allow an authenticated user to obtain administrator credentials via debug log commands."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:U/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1295",
"description": "Information disclosure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-14T09:15:50.464Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-25-259",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-25-259"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to FortiExtender version 7.6.3 or above\nUpgrade to FortiExtender version 7.4.8 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2025-46775",
"datePublished": "2025-11-18T17:01:17.364Z",
"dateReserved": "2025-04-29T08:42:13.449Z",
"dateUpdated": "2026-01-14T09:15:50.464Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-23663 (GCVE-0-2024-23663)
Vulnerability from nvd – Published: 2024-07-09 15:33 – Updated: 2024-08-01 23:06
VLAI
EPSS
VEX
Summary
An improper access control in Fortinet FortiExtender 4.1.1 - 4.1.9, 4.2.0 - 4.2.6, 5.3.2, 7.0.0 - 7.0.4, 7.2.0 - 7.2.4 and 7.4.0 - 7.4.2 allows an attacker to create users with elevated privileges via a crafted HTTP request.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-284 - Improper access control
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiExtender |
Affected:
7.4.0 , ≤ 7.4.2
(semver)
Affected: 7.2.0 , ≤ 7.2.4 (semver) Affected: 7.0.0 , ≤ 7.0.4 (semver) |
|
| fortinet | fortiextender |
Affected:
7.4.0 , < 7.4.2
(custom)
Affected: 7.2.0 , < 7.2.4 (custom) Affected: 7.0.0 , < 7.0.4 (custom) cpe:2.3:h:fortinet:fortiextender:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:fortinet:fortiextender:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fortiextender",
"vendor": "fortinet",
"versions": [
{
"lessThan": "7.4.2",
"status": "affected",
"version": "7.4.0",
"versionType": "custom"
},
{
"lessThan": "7.2.4",
"status": "affected",
"version": "7.2.0",
"versionType": "custom"
},
{
"lessThan": "7.0.4",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23663",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-09T17:43:01.015107Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-09T17:44:51.463Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:06:25.354Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-459",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-459"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FortiExtender",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.4.2",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.4",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.4",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An improper access control in Fortinet FortiExtender 4.1.1 - 4.1.9, 4.2.0 - 4.2.6, 5.3.2, 7.0.0 - 7.0.4, 7.2.0 - 7.2.4 and 7.4.0 - 7.4.2 allows an attacker to create users with elevated privileges via a crafted HTTP request."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:X/RC:X",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper access control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-09T15:33:31.512Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-459",
"url": "https://fortiguard.com/psirt/FG-IR-23-459"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiExtender version 7.4.3 or above \nPlease upgrade to FortiExtender version 7.2.5 or above \nPlease upgrade to FortiExtender version 7.0.5 or above \n"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2024-23663",
"datePublished": "2024-07-09T15:33:31.512Z",
"dateReserved": "2024-01-19T08:23:28.612Z",
"dateUpdated": "2024-08-01T23:06:25.354Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-23447 (GCVE-0-2022-23447)
Vulnerability from nvd – Published: 2023-07-11 16:52 – Updated: 2024-10-23 14:25
VLAI
EPSS
VEX
Summary
An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability [CWE-22] in FortiExtender management interface 7.0.0 through 7.0.3, 4.2.0 through 4.2.4, 4.1.1 through 4.1.8, 4.0.0 through 4.0.2, 3.3.0 through 3.3.2, 3.2.1 through 3.2.3, 5.3 all versions may allow an unauthenticated and remote attacker to retrieve arbitrary files from the underlying filesystem via specially crafted web requests.
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-22 - Information disclosure
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiExtender |
Affected:
7.0.0 , ≤ 7.0.3
(semver)
Affected: 5.3.2 Affected: 4.2.0 , ≤ 4.2.4 (semver) Affected: 4.1.1 , ≤ 4.1.8 (semver) Affected: 4.0.0 , ≤ 4.0.2 (semver) Affected: 3.3.0 , ≤ 3.3.2 (semver) Affected: 3.2.1 , ≤ 3.2.3 (semver) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:43:46.110Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-22-039",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-039"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-23447",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T14:15:33.419696Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-23T14:25:28.182Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FortiExtender",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.0.3",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "5.3.2"
},
{
"lessThanOrEqual": "4.2.4",
"status": "affected",
"version": "4.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.1.8",
"status": "affected",
"version": "4.1.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.0.2",
"status": "affected",
"version": "4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "3.3.2",
"status": "affected",
"version": "3.3.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "3.2.3",
"status": "affected",
"version": "3.2.1",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An improper limitation of a pathname to a restricted directory (\u0027Path Traversal\u0027) vulnerability [CWE-22] in FortiExtender management interface 7.0.0 through 7.0.3, 4.2.0 through 4.2.4, 4.1.1 through 4.1.8, 4.0.0 through 4.0.2, 3.3.0 through 3.3.2, 3.2.1 through 3.2.3, 5.3 all versions may allow an unauthenticated and remote attacker to retrieve\u00a0arbitrary files from the underlying filesystem via specially crafted web requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:F/RL:U/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "Information disclosure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-11T16:52:42.353Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-22-039",
"url": "https://fortiguard.com/psirt/FG-IR-22-039"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiExtender version 7.2.0 or above Please upgrade to FortiExtender version 7.0.4 or above Please upgrade to FortiExtender version 4.2.5 or above Please upgrade to FortiExtender version 4.1.9 or above Please upgrade to FortiExtender version 4.0.3 or above Please upgrade to FortiExtender version 3.3.3 or above Please upgrade to FortiExtender version 3.2.4 or above "
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2022-23447",
"datePublished": "2023-07-11T16:52:42.353Z",
"dateReserved": "2022-01-19T07:38:03.514Z",
"dateUpdated": "2024-10-23T14:25:28.182Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-27489 (GCVE-0-2022-27489)
Vulnerability from nvd – Published: 2023-02-16 18:06 – Updated: 2024-10-23 14:46
VLAI
EPSS
VEX
Summary
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiExtender 7.0.0 through 7.0.3, 5.3.2, 4.2.4 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-78 - Execute unauthorized code or commands
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiExtender |
Affected:
7.0.0 , ≤ 7.0.3
(semver)
Affected: 5.3.2 Affected: 4.2.0 , ≤ 4.2.4 (semver) Affected: 4.1.1 , ≤ 4.1.8 (semver) Affected: 4.0.0 , ≤ 4.0.2 (semver) Affected: 3.3.0 , ≤ 3.3.2 (semver) Affected: 3.2.1 , ≤ 3.2.3 (semver) Affected: 3.1.0 , ≤ 3.1.2 (semver) Affected: 3.0.0 , ≤ 3.0.2 (semver) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:32:57.924Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-22-048",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-048"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-27489",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T14:11:42.419938Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-23T14:46:25.263Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FortiExtender",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.0.3",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "5.3.2"
},
{
"lessThanOrEqual": "4.2.4",
"status": "affected",
"version": "4.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.1.8",
"status": "affected",
"version": "4.1.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.0.2",
"status": "affected",
"version": "4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "3.3.2",
"status": "affected",
"version": "3.3.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "3.2.3",
"status": "affected",
"version": "3.2.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "3.1.2",
"status": "affected",
"version": "3.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "3.0.2",
"status": "affected",
"version": "3.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A improper neutralization of special elements used in an os command (\u0027os command injection\u0027) in Fortinet FortiExtender 7.0.0 through 7.0.3, 5.3.2, 4.2.4 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:U/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-16T18:06:40.150Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-22-048",
"url": "https://fortiguard.com/psirt/FG-IR-22-048"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to FortiExtender version 7.2.0 and above\r\nUpgrade to FortiExtender version 7.0.4 and above\r\nUpgrade to FortiExtender upcoming version 4.2.5 and above\r\nUpgrade to FortiExtender upcoming version 4.1.9 and above\r\nUpgrade to FortiExtender upcoming version 4.0.3 and above\r\nUpgrade to FortiExtender version 3.3.3 and above\r\nUpgrade to FortiExtender version 3.2.4 and above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2022-27489",
"datePublished": "2023-02-16T18:06:40.150Z",
"dateReserved": "2022-03-21T16:03:48.575Z",
"dateUpdated": "2024-10-23T14:46:25.263Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-41016 (GCVE-0-2021-41016)
Vulnerability from nvd – Published: 2022-02-02 10:58 – Updated: 2024-10-25 13:36
VLAI
EPSS
VEX
Summary
A improper neutralization of special elements used in a command ('command injection') in Fortinet FortiExtender version 7.0.1 and below, 4.2.3 and below, 4.1.7 and below allows an authenticated attacker to execute privileged shell commands via CLI commands including special characters
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://fortiguard.com/advisory/FG-IR-21-148 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:59:31.059Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://fortiguard.com/advisory/FG-IR-21-148"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-41016",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T14:12:59.113972Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T13:36:06.405Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A improper neutralization of special elements used in a command (\u0027command injection\u0027) in Fortinet FortiExtender version 7.0.1 and below, 4.2.3 and below, 4.1.7 and below allows an authenticated attacker to execute privileged shell commands via CLI commands including special characters"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitCodeMaturity": "PROOF_OF_CONCEPT",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "CONFIRMED",
"scope": "UNCHANGED",
"temporalScore": 7.4,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-02T10:58:37.000Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://fortiguard.com/advisory/FG-IR-21-148"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@fortinet.com",
"ID": "CVE-2021-41016",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A improper neutralization of special elements used in a command (\u0027command injection\u0027) in Fortinet FortiExtender version 7.0.1 and below, 4.2.3 and below, 4.1.7 and below allows an authenticated attacker to execute privileged shell commands via CLI commands including special characters"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.4,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"userInteraction": "None",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:C",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fortiguard.com/advisory/FG-IR-21-148",
"refsource": "CONFIRM",
"url": "https://fortiguard.com/advisory/FG-IR-21-148"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2021-41016",
"datePublished": "2022-02-02T10:58:37.000Z",
"dateReserved": "2021-09-13T00:00:00.000Z",
"dateUpdated": "2024-10-25T13:36:06.405Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-64153 (GCVE-0-2025-64153)
Vulnerability from cvelistv5 – Published: 2025-12-09 17:18 – Updated: 2026-01-14 09:17
VLAI
EPSS
VEX
Summary
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiExtender 7.6.0 through 7.6.3, FortiExtender 7.4.0 through 7.4.7, FortiExtender 7.2 all versions, FortiExtender 7.0 all versions may allow an authenticated attacker to execute unauthorized code or commands via a specific HTTP request.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-78 - Execute unauthorized code or commands
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiExtender |
Affected:
7.6.0 , ≤ 7.6.3
(semver)
Affected: 7.4.0 , ≤ 7.4.7 (semver) Affected: 7.2.0 , ≤ 7.2.5 (semver) Affected: 7.0.0 , ≤ 7.0.5 (semver) cpe:2.3:a:fortinet:fortiextender:7.6.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.6.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.6.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.6.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-64153",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-09T20:21:16.823596Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-09T20:43:33.205Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortiextender:7.6.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.6.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.6.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.6.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiExtender",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.6.3",
"status": "affected",
"version": "7.6.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.4.7",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.5",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.5",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A improper neutralization of special elements used in an os command (\u0027os command injection\u0027) in Fortinet FortiExtender 7.6.0 through 7.6.3, FortiExtender 7.4.0 through 7.4.7, FortiExtender 7.2 all versions, FortiExtender 7.0 all versions may allow an authenticated attacker to execute unauthorized code or commands via a specific HTTP request."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-14T09:17:27.371Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-25-739",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-25-739"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to FortiExtender version 7.6.4 or above\nUpgrade to FortiExtender version 7.4.8 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2025-64153",
"datePublished": "2025-12-09T17:18:45.909Z",
"dateReserved": "2025-10-28T12:26:50.749Z",
"dateUpdated": "2026-01-14T09:17:27.371Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-46776 (GCVE-0-2025-46776)
Vulnerability from cvelistv5 – Published: 2025-11-18 17:01 – Updated: 2026-01-14 09:17
VLAI
EPSS
VEX
Summary
A buffer copy without checking size of input ('classic buffer overflow') vulnerability in Fortinet FortiExtender 7.6.0 through 7.6.1, FortiExtender 7.4.0 through 7.4.6, FortiExtender 7.2 all versions, FortiExtender 7.0 all versions may allow an authenticated user to execute arbitrary code or commands via crafted CLI commands.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-120 - Escalation of privilege
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiExtender |
Affected:
7.6.0 , ≤ 7.6.1
(semver)
Affected: 7.4.0 , ≤ 7.4.6 (semver) Affected: 7.2.0 , ≤ 7.2.5 (semver) Affected: 7.0.0 , ≤ 7.0.5 (semver) cpe:2.3:a:fortinet:fortiextender:7.6.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.6.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-46776",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-18T18:33:55.201822Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-18T18:34:05.679Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortiextender:7.6.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.6.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiExtender",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.6.1",
"status": "affected",
"version": "7.6.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.4.6",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.5",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.5",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer copy without checking size of input (\u0027classic buffer overflow\u0027) vulnerability in Fortinet FortiExtender 7.6.0 through 7.6.1, FortiExtender 7.4.0 through 7.4.6, FortiExtender 7.2 all versions, FortiExtender 7.0 all versions may allow an authenticated user to execute arbitrary code or commands via crafted CLI commands."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:U/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "Escalation of privilege",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-14T09:17:05.351Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-25-251",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-25-251"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to FortiExtender version 7.6.3 or above\nUpgrade to FortiExtender version 7.4.8 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2025-46776",
"datePublished": "2025-11-18T17:01:17.437Z",
"dateReserved": "2025-04-29T08:42:13.449Z",
"dateUpdated": "2026-01-14T09:17:05.351Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-46775 (GCVE-0-2025-46775)
Vulnerability from cvelistv5 – Published: 2025-11-18 17:01 – Updated: 2026-01-14 09:15
VLAI
EPSS
VEX
Summary
A debug messages revealing unnecessary information vulnerability in Fortinet FortiExtender 7.6.0 through 7.6.1, FortiExtender 7.4.0 through 7.4.6, FortiExtender 7.2 all versions, FortiExtender 7.0 all versions may allow an authenticated user to obtain administrator credentials via debug log commands.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-1295 - Information disclosure
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiExtender |
Affected:
7.6.0 , ≤ 7.6.1
(semver)
Affected: 7.4.0 , ≤ 7.4.6 (semver) Affected: 7.2.0 , ≤ 7.2.5 (semver) Affected: 7.0.0 , ≤ 7.0.5 (semver) cpe:2.3:a:fortinet:fortiextender:7.6.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.6.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.4.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.2.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiextender:7.0.0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-46775",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-18T18:33:30.741688Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-18T18:33:37.068Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortiextender:7.6.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.6.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.2.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiextender:7.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiExtender",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.6.1",
"status": "affected",
"version": "7.6.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.4.6",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.5",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.5",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A debug messages revealing unnecessary information vulnerability in Fortinet FortiExtender 7.6.0 through 7.6.1, FortiExtender 7.4.0 through 7.4.6, FortiExtender 7.2 all versions, FortiExtender 7.0 all versions may allow an authenticated user to obtain administrator credentials via debug log commands."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:U/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1295",
"description": "Information disclosure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-14T09:15:50.464Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-25-259",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-25-259"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to FortiExtender version 7.6.3 or above\nUpgrade to FortiExtender version 7.4.8 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2025-46775",
"datePublished": "2025-11-18T17:01:17.364Z",
"dateReserved": "2025-04-29T08:42:13.449Z",
"dateUpdated": "2026-01-14T09:15:50.464Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-23663 (GCVE-0-2024-23663)
Vulnerability from cvelistv5 – Published: 2024-07-09 15:33 – Updated: 2024-08-01 23:06
VLAI
EPSS
VEX
Summary
An improper access control in Fortinet FortiExtender 4.1.1 - 4.1.9, 4.2.0 - 4.2.6, 5.3.2, 7.0.0 - 7.0.4, 7.2.0 - 7.2.4 and 7.4.0 - 7.4.2 allows an attacker to create users with elevated privileges via a crafted HTTP request.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-284 - Improper access control
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiExtender |
Affected:
7.4.0 , ≤ 7.4.2
(semver)
Affected: 7.2.0 , ≤ 7.2.4 (semver) Affected: 7.0.0 , ≤ 7.0.4 (semver) |
|
| fortinet | fortiextender |
Affected:
7.4.0 , < 7.4.2
(custom)
Affected: 7.2.0 , < 7.2.4 (custom) Affected: 7.0.0 , < 7.0.4 (custom) cpe:2.3:h:fortinet:fortiextender:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:fortinet:fortiextender:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fortiextender",
"vendor": "fortinet",
"versions": [
{
"lessThan": "7.4.2",
"status": "affected",
"version": "7.4.0",
"versionType": "custom"
},
{
"lessThan": "7.2.4",
"status": "affected",
"version": "7.2.0",
"versionType": "custom"
},
{
"lessThan": "7.0.4",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23663",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-09T17:43:01.015107Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-09T17:44:51.463Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:06:25.354Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-459",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-459"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FortiExtender",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.4.2",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.4",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.4",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An improper access control in Fortinet FortiExtender 4.1.1 - 4.1.9, 4.2.0 - 4.2.6, 5.3.2, 7.0.0 - 7.0.4, 7.2.0 - 7.2.4 and 7.4.0 - 7.4.2 allows an attacker to create users with elevated privileges via a crafted HTTP request."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:X/RC:X",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper access control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-09T15:33:31.512Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-459",
"url": "https://fortiguard.com/psirt/FG-IR-23-459"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiExtender version 7.4.3 or above \nPlease upgrade to FortiExtender version 7.2.5 or above \nPlease upgrade to FortiExtender version 7.0.5 or above \n"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2024-23663",
"datePublished": "2024-07-09T15:33:31.512Z",
"dateReserved": "2024-01-19T08:23:28.612Z",
"dateUpdated": "2024-08-01T23:06:25.354Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-23447 (GCVE-0-2022-23447)
Vulnerability from cvelistv5 – Published: 2023-07-11 16:52 – Updated: 2024-10-23 14:25
VLAI
EPSS
VEX
Summary
An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability [CWE-22] in FortiExtender management interface 7.0.0 through 7.0.3, 4.2.0 through 4.2.4, 4.1.1 through 4.1.8, 4.0.0 through 4.0.2, 3.3.0 through 3.3.2, 3.2.1 through 3.2.3, 5.3 all versions may allow an unauthenticated and remote attacker to retrieve arbitrary files from the underlying filesystem via specially crafted web requests.
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-22 - Information disclosure
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiExtender |
Affected:
7.0.0 , ≤ 7.0.3
(semver)
Affected: 5.3.2 Affected: 4.2.0 , ≤ 4.2.4 (semver) Affected: 4.1.1 , ≤ 4.1.8 (semver) Affected: 4.0.0 , ≤ 4.0.2 (semver) Affected: 3.3.0 , ≤ 3.3.2 (semver) Affected: 3.2.1 , ≤ 3.2.3 (semver) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:43:46.110Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-22-039",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-039"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-23447",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T14:15:33.419696Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-23T14:25:28.182Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FortiExtender",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.0.3",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "5.3.2"
},
{
"lessThanOrEqual": "4.2.4",
"status": "affected",
"version": "4.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.1.8",
"status": "affected",
"version": "4.1.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.0.2",
"status": "affected",
"version": "4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "3.3.2",
"status": "affected",
"version": "3.3.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "3.2.3",
"status": "affected",
"version": "3.2.1",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An improper limitation of a pathname to a restricted directory (\u0027Path Traversal\u0027) vulnerability [CWE-22] in FortiExtender management interface 7.0.0 through 7.0.3, 4.2.0 through 4.2.4, 4.1.1 through 4.1.8, 4.0.0 through 4.0.2, 3.3.0 through 3.3.2, 3.2.1 through 3.2.3, 5.3 all versions may allow an unauthenticated and remote attacker to retrieve\u00a0arbitrary files from the underlying filesystem via specially crafted web requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:F/RL:U/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "Information disclosure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-11T16:52:42.353Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-22-039",
"url": "https://fortiguard.com/psirt/FG-IR-22-039"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiExtender version 7.2.0 or above Please upgrade to FortiExtender version 7.0.4 or above Please upgrade to FortiExtender version 4.2.5 or above Please upgrade to FortiExtender version 4.1.9 or above Please upgrade to FortiExtender version 4.0.3 or above Please upgrade to FortiExtender version 3.3.3 or above Please upgrade to FortiExtender version 3.2.4 or above "
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2022-23447",
"datePublished": "2023-07-11T16:52:42.353Z",
"dateReserved": "2022-01-19T07:38:03.514Z",
"dateUpdated": "2024-10-23T14:25:28.182Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-27489 (GCVE-0-2022-27489)
Vulnerability from cvelistv5 – Published: 2023-02-16 18:06 – Updated: 2024-10-23 14:46
VLAI
EPSS
VEX
Summary
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiExtender 7.0.0 through 7.0.3, 5.3.2, 4.2.4 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-78 - Execute unauthorized code or commands
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiExtender |
Affected:
7.0.0 , ≤ 7.0.3
(semver)
Affected: 5.3.2 Affected: 4.2.0 , ≤ 4.2.4 (semver) Affected: 4.1.1 , ≤ 4.1.8 (semver) Affected: 4.0.0 , ≤ 4.0.2 (semver) Affected: 3.3.0 , ≤ 3.3.2 (semver) Affected: 3.2.1 , ≤ 3.2.3 (semver) Affected: 3.1.0 , ≤ 3.1.2 (semver) Affected: 3.0.0 , ≤ 3.0.2 (semver) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:32:57.924Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-22-048",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-048"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-27489",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T14:11:42.419938Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-23T14:46:25.263Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FortiExtender",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.0.3",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "5.3.2"
},
{
"lessThanOrEqual": "4.2.4",
"status": "affected",
"version": "4.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.1.8",
"status": "affected",
"version": "4.1.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.0.2",
"status": "affected",
"version": "4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "3.3.2",
"status": "affected",
"version": "3.3.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "3.2.3",
"status": "affected",
"version": "3.2.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "3.1.2",
"status": "affected",
"version": "3.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "3.0.2",
"status": "affected",
"version": "3.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A improper neutralization of special elements used in an os command (\u0027os command injection\u0027) in Fortinet FortiExtender 7.0.0 through 7.0.3, 5.3.2, 4.2.4 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:U/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-16T18:06:40.150Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-22-048",
"url": "https://fortiguard.com/psirt/FG-IR-22-048"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to FortiExtender version 7.2.0 and above\r\nUpgrade to FortiExtender version 7.0.4 and above\r\nUpgrade to FortiExtender upcoming version 4.2.5 and above\r\nUpgrade to FortiExtender upcoming version 4.1.9 and above\r\nUpgrade to FortiExtender upcoming version 4.0.3 and above\r\nUpgrade to FortiExtender version 3.3.3 and above\r\nUpgrade to FortiExtender version 3.2.4 and above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2022-27489",
"datePublished": "2023-02-16T18:06:40.150Z",
"dateReserved": "2022-03-21T16:03:48.575Z",
"dateUpdated": "2024-10-23T14:46:25.263Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-41016 (GCVE-0-2021-41016)
Vulnerability from cvelistv5 – Published: 2022-02-02 10:58 – Updated: 2024-10-25 13:36
VLAI
EPSS
VEX
Summary
A improper neutralization of special elements used in a command ('command injection') in Fortinet FortiExtender version 7.0.1 and below, 4.2.3 and below, 4.1.7 and below allows an authenticated attacker to execute privileged shell commands via CLI commands including special characters
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://fortiguard.com/advisory/FG-IR-21-148 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:59:31.059Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://fortiguard.com/advisory/FG-IR-21-148"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-41016",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T14:12:59.113972Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T13:36:06.405Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A improper neutralization of special elements used in a command (\u0027command injection\u0027) in Fortinet FortiExtender version 7.0.1 and below, 4.2.3 and below, 4.1.7 and below allows an authenticated attacker to execute privileged shell commands via CLI commands including special characters"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitCodeMaturity": "PROOF_OF_CONCEPT",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "CONFIRMED",
"scope": "UNCHANGED",
"temporalScore": 7.4,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-02T10:58:37.000Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://fortiguard.com/advisory/FG-IR-21-148"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@fortinet.com",
"ID": "CVE-2021-41016",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A improper neutralization of special elements used in a command (\u0027command injection\u0027) in Fortinet FortiExtender version 7.0.1 and below, 4.2.3 and below, 4.1.7 and below allows an authenticated attacker to execute privileged shell commands via CLI commands including special characters"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.4,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"userInteraction": "None",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:C",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fortiguard.com/advisory/FG-IR-21-148",
"refsource": "CONFIRM",
"url": "https://fortiguard.com/advisory/FG-IR-21-148"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2021-41016",
"datePublished": "2022-02-02T10:58:37.000Z",
"dateReserved": "2021-09-13T00:00:00.000Z",
"dateUpdated": "2024-10-25T13:36:06.405Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}