Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    18 vulnerabilities found for FortiExtender by Fortinet

    CVE-2025-64153 (GCVE-0-2025-64153)

    Vulnerability from nvd – Published: 2025-12-09 17:18 – Updated: 2026-01-14 09:17
    VLAI
    Summary
    A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiExtender 7.6.0 through 7.6.3, FortiExtender 7.4.0 through 7.4.7, FortiExtender 7.2 all versions, FortiExtender 7.0 all versions may allow an authenticated attacker to execute unauthorized code or commands via a specific HTTP request.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Execute unauthorized code or commands
    Assigner
    References
    Impacted products
    Vendor Product Version
    Fortinet FortiExtender Affected: 7.6.0 , ≤ 7.6.3 (semver)
    Affected: 7.4.0 , ≤ 7.4.7 (semver)
    Affected: 7.2.0 , ≤ 7.2.5 (semver)
    Affected: 7.0.0 , ≤ 7.0.5 (semver)
        cpe:2.3:a:fortinet:fortiextender:7.6.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.6.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.6.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.6.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.4.7:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.4.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.4.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.4.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.4.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.4.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.4.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.4.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.2.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.2.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.2.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.2.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.2.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.2.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.0.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.0.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.0.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.0.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.0.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-64153",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-12-09T20:21:16.823596Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-12-09T20:43:33.205Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:fortinet:fortiextender:7.6.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.6.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.6.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.6.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.4.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.4.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.4.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.4.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.4.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.4.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.4.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.4.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.0.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.0.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.0.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.0.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.0.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.0.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "FortiExtender",
              "vendor": "Fortinet",
              "versions": [
                {
                  "lessThanOrEqual": "7.6.3",
                  "status": "affected",
                  "version": "7.6.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "7.4.7",
                  "status": "affected",
                  "version": "7.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "7.2.5",
                  "status": "affected",
                  "version": "7.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "7.0.5",
                  "status": "affected",
                  "version": "7.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A improper neutralization of special elements used in an os command (\u0027os command injection\u0027) in Fortinet FortiExtender 7.6.0 through 7.6.3, FortiExtender 7.4.0 through 7.4.7, FortiExtender 7.2 all versions, FortiExtender 7.0 all versions may allow an authenticated attacker to execute unauthorized code or commands via a specific HTTP request."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "Execute unauthorized code or commands",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-14T09:17:27.371Z",
            "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
            "shortName": "fortinet"
          },
          "references": [
            {
              "name": "https://fortiguard.fortinet.com/psirt/FG-IR-25-739",
              "url": "https://fortiguard.fortinet.com/psirt/FG-IR-25-739"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to FortiExtender version 7.6.4 or above\nUpgrade to FortiExtender version 7.4.8 or above"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
        "assignerShortName": "fortinet",
        "cveId": "CVE-2025-64153",
        "datePublished": "2025-12-09T17:18:45.909Z",
        "dateReserved": "2025-10-28T12:26:50.749Z",
        "dateUpdated": "2026-01-14T09:17:27.371Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-46776 (GCVE-0-2025-46776)

    Vulnerability from nvd – Published: 2025-11-18 17:01 – Updated: 2026-01-14 09:17
    VLAI
    Summary
    A buffer copy without checking size of input ('classic buffer overflow') vulnerability in Fortinet FortiExtender 7.6.0 through 7.6.1, FortiExtender 7.4.0 through 7.4.6, FortiExtender 7.2 all versions, FortiExtender 7.0 all versions may allow an authenticated user to execute arbitrary code or commands via crafted CLI commands.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-120 - Escalation of privilege
    Assigner
    References
    Impacted products
    Vendor Product Version
    Fortinet FortiExtender Affected: 7.6.0 , ≤ 7.6.1 (semver)
    Affected: 7.4.0 , ≤ 7.4.6 (semver)
    Affected: 7.2.0 , ≤ 7.2.5 (semver)
    Affected: 7.0.0 , ≤ 7.0.5 (semver)
        cpe:2.3:a:fortinet:fortiextender:7.6.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.6.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.4.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.4.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.4.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.4.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.4.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.4.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.4.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.2.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.2.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.2.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.2.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.2.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.2.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.0.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.0.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.0.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.0.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.0.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-46776",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-11-18T18:33:55.201822Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-11-18T18:34:05.679Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:fortinet:fortiextender:7.6.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.6.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.4.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.4.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.4.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.4.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.4.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.4.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.4.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.0.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.0.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.0.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.0.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.0.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.0.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "FortiExtender",
              "vendor": "Fortinet",
              "versions": [
                {
                  "lessThanOrEqual": "7.6.1",
                  "status": "affected",
                  "version": "7.6.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "7.4.6",
                  "status": "affected",
                  "version": "7.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "7.2.5",
                  "status": "affected",
                  "version": "7.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "7.0.5",
                  "status": "affected",
                  "version": "7.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A buffer copy without checking size of input (\u0027classic buffer overflow\u0027) vulnerability in Fortinet FortiExtender 7.6.0 through 7.6.1, FortiExtender 7.4.0 through 7.4.6, FortiExtender 7.2 all versions, FortiExtender 7.0 all versions may allow an authenticated user to execute arbitrary code or commands via crafted CLI commands."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:U/RC:C",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-120",
                  "description": "Escalation of privilege",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-14T09:17:05.351Z",
            "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
            "shortName": "fortinet"
          },
          "references": [
            {
              "name": "https://fortiguard.fortinet.com/psirt/FG-IR-25-251",
              "url": "https://fortiguard.fortinet.com/psirt/FG-IR-25-251"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to FortiExtender version 7.6.3 or above\nUpgrade to FortiExtender version 7.4.8 or above"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
        "assignerShortName": "fortinet",
        "cveId": "CVE-2025-46776",
        "datePublished": "2025-11-18T17:01:17.437Z",
        "dateReserved": "2025-04-29T08:42:13.449Z",
        "dateUpdated": "2026-01-14T09:17:05.351Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-46775 (GCVE-0-2025-46775)

    Vulnerability from nvd – Published: 2025-11-18 17:01 – Updated: 2026-01-14 09:15
    VLAI
    Summary
    A debug messages revealing unnecessary information vulnerability in Fortinet FortiExtender 7.6.0 through 7.6.1, FortiExtender 7.4.0 through 7.4.6, FortiExtender 7.2 all versions, FortiExtender 7.0 all versions may allow an authenticated user to obtain administrator credentials via debug log commands.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Fortinet FortiExtender Affected: 7.6.0 , ≤ 7.6.1 (semver)
    Affected: 7.4.0 , ≤ 7.4.6 (semver)
    Affected: 7.2.0 , ≤ 7.2.5 (semver)
    Affected: 7.0.0 , ≤ 7.0.5 (semver)
        cpe:2.3:a:fortinet:fortiextender:7.6.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.6.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.4.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.4.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.4.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.4.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.4.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.4.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.4.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.2.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.2.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.2.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.2.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.2.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.2.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.0.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.0.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.0.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.0.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.0.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-46775",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-11-18T18:33:30.741688Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-11-18T18:33:37.068Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:fortinet:fortiextender:7.6.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.6.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.4.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.4.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.4.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.4.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.4.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.4.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.4.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.0.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.0.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.0.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.0.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.0.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.0.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "FortiExtender",
              "vendor": "Fortinet",
              "versions": [
                {
                  "lessThanOrEqual": "7.6.1",
                  "status": "affected",
                  "version": "7.6.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "7.4.6",
                  "status": "affected",
                  "version": "7.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "7.2.5",
                  "status": "affected",
                  "version": "7.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "7.0.5",
                  "status": "affected",
                  "version": "7.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A debug messages revealing unnecessary information vulnerability in Fortinet FortiExtender 7.6.0 through 7.6.1, FortiExtender 7.4.0 through 7.4.6, FortiExtender 7.2 all versions, FortiExtender 7.0 all versions may allow an authenticated user to obtain administrator credentials via debug log commands."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 5.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:U/RC:C",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1295",
                  "description": "Information disclosure",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-14T09:15:50.464Z",
            "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
            "shortName": "fortinet"
          },
          "references": [
            {
              "name": "https://fortiguard.fortinet.com/psirt/FG-IR-25-259",
              "url": "https://fortiguard.fortinet.com/psirt/FG-IR-25-259"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to FortiExtender version 7.6.3 or above\nUpgrade to FortiExtender version 7.4.8 or above"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
        "assignerShortName": "fortinet",
        "cveId": "CVE-2025-46775",
        "datePublished": "2025-11-18T17:01:17.364Z",
        "dateReserved": "2025-04-29T08:42:13.449Z",
        "dateUpdated": "2026-01-14T09:15:50.464Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-23663 (GCVE-0-2024-23663)

    Vulnerability from nvd – Published: 2024-07-09 15:33 – Updated: 2024-08-01 23:06
    VLAI
    Summary
    An improper access control in Fortinet FortiExtender 4.1.1 - 4.1.9, 4.2.0 - 4.2.6, 5.3.2, 7.0.0 - 7.0.4, 7.2.0 - 7.2.4 and 7.4.0 - 7.4.2 allows an attacker to create users with elevated privileges via a crafted HTTP request.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-284 - Improper access control
    Assigner
    References
    Impacted products
    Vendor Product Version
    Fortinet FortiExtender Affected: 7.4.0 , ≤ 7.4.2 (semver)
    Affected: 7.2.0 , ≤ 7.2.4 (semver)
    Affected: 7.0.0 , ≤ 7.0.4 (semver)
    Create a notification for this product.
    fortinet fortiextender Affected: 7.4.0 , < 7.4.2 (custom)
    Affected: 7.2.0 , < 7.2.4 (custom)
    Affected: 7.0.0 , < 7.0.4 (custom)
        cpe:2.3:h:fortinet:fortiextender:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:fortinet:fortiextender:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "fortiextender",
                "vendor": "fortinet",
                "versions": [
                  {
                    "lessThan": "7.4.2",
                    "status": "affected",
                    "version": "7.4.0",
                    "versionType": "custom"
                  },
                  {
                    "lessThan": "7.2.4",
                    "status": "affected",
                    "version": "7.2.0",
                    "versionType": "custom"
                  },
                  {
                    "lessThan": "7.0.4",
                    "status": "affected",
                    "version": "7.0.0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-23663",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-09T17:43:01.015107Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-09T17:44:51.463Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T23:06:25.354Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "https://fortiguard.com/psirt/FG-IR-23-459",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://fortiguard.com/psirt/FG-IR-23-459"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "FortiExtender",
              "vendor": "Fortinet",
              "versions": [
                {
                  "lessThanOrEqual": "7.4.2",
                  "status": "affected",
                  "version": "7.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "7.2.4",
                  "status": "affected",
                  "version": "7.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "7.0.4",
                  "status": "affected",
                  "version": "7.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An improper access control in Fortinet FortiExtender 4.1.1 - 4.1.9, 4.2.0 - 4.2.6, 5.3.2, 7.0.0 - 7.0.4, 7.2.0 - 7.2.4 and 7.4.0 - 7.4.2 allows an attacker to create users with elevated privileges via a crafted HTTP request."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:X/RC:X",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "Improper access control",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-09T15:33:31.512Z",
            "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
            "shortName": "fortinet"
          },
          "references": [
            {
              "name": "https://fortiguard.com/psirt/FG-IR-23-459",
              "url": "https://fortiguard.com/psirt/FG-IR-23-459"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Please upgrade to FortiExtender version 7.4.3 or above \nPlease upgrade to FortiExtender version 7.2.5 or above \nPlease upgrade to FortiExtender version 7.0.5 or above \n"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
        "assignerShortName": "fortinet",
        "cveId": "CVE-2024-23663",
        "datePublished": "2024-07-09T15:33:31.512Z",
        "dateReserved": "2024-01-19T08:23:28.612Z",
        "dateUpdated": "2024-08-01T23:06:25.354Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-23447 (GCVE-0-2022-23447)

    Vulnerability from nvd – Published: 2023-07-11 16:52 – Updated: 2024-10-23 14:25
    VLAI
    Summary
    An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability [CWE-22] in FortiExtender management interface 7.0.0 through 7.0.3, 4.2.0 through 4.2.4, 4.1.1 through 4.1.8, 4.0.0 through 4.0.2, 3.3.0 through 3.3.2, 3.2.1 through 3.2.3, 5.3 all versions may allow an unauthenticated and remote attacker to retrieve arbitrary files from the underlying filesystem via specially crafted web requests.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-22 - Information disclosure
    Assigner
    References
    Impacted products
    Vendor Product Version
    Fortinet FortiExtender Affected: 7.0.0 , ≤ 7.0.3 (semver)
    Affected: 5.3.2
    Affected: 4.2.0 , ≤ 4.2.4 (semver)
    Affected: 4.1.1 , ≤ 4.1.8 (semver)
    Affected: 4.0.0 , ≤ 4.0.2 (semver)
    Affected: 3.3.0 , ≤ 3.3.2 (semver)
    Affected: 3.2.1 , ≤ 3.2.3 (semver)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T03:43:46.110Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "https://fortiguard.com/psirt/FG-IR-22-039",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://fortiguard.com/psirt/FG-IR-22-039"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-23447",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-23T14:15:33.419696Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-23T14:25:28.182Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "FortiExtender",
              "vendor": "Fortinet",
              "versions": [
                {
                  "lessThanOrEqual": "7.0.3",
                  "status": "affected",
                  "version": "7.0.0",
                  "versionType": "semver"
                },
                {
                  "status": "affected",
                  "version": "5.3.2"
                },
                {
                  "lessThanOrEqual": "4.2.4",
                  "status": "affected",
                  "version": "4.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "4.1.8",
                  "status": "affected",
                  "version": "4.1.1",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "4.0.2",
                  "status": "affected",
                  "version": "4.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "3.3.2",
                  "status": "affected",
                  "version": "3.3.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "3.2.3",
                  "status": "affected",
                  "version": "3.2.1",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An improper limitation of a pathname to a restricted directory (\u0027Path Traversal\u0027) vulnerability [CWE-22] in FortiExtender management interface  7.0.0 through 7.0.3, 4.2.0 through 4.2.4, 4.1.1 through 4.1.8, 4.0.0 through 4.0.2, 3.3.0 through 3.3.2, 3.2.1 through 3.2.3, 5.3 all versions may allow an unauthenticated and remote attacker to retrieve\u00a0arbitrary files from the underlying filesystem via specially crafted web requests."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:F/RL:U/RC:C",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "Information disclosure",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-07-11T16:52:42.353Z",
            "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
            "shortName": "fortinet"
          },
          "references": [
            {
              "name": "https://fortiguard.com/psirt/FG-IR-22-039",
              "url": "https://fortiguard.com/psirt/FG-IR-22-039"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Please upgrade to FortiExtender version 7.2.0 or above Please upgrade to FortiExtender version 7.0.4 or above Please upgrade to FortiExtender version 4.2.5 or above Please upgrade to FortiExtender version 4.1.9 or above Please upgrade to FortiExtender version 4.0.3 or above Please upgrade to FortiExtender version 3.3.3 or above Please upgrade to FortiExtender version 3.2.4 or above "
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
        "assignerShortName": "fortinet",
        "cveId": "CVE-2022-23447",
        "datePublished": "2023-07-11T16:52:42.353Z",
        "dateReserved": "2022-01-19T07:38:03.514Z",
        "dateUpdated": "2024-10-23T14:25:28.182Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-27489 (GCVE-0-2022-27489)

    Vulnerability from nvd – Published: 2023-02-16 18:06 – Updated: 2024-10-23 14:46
    VLAI
    Summary
    A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiExtender 7.0.0 through 7.0.3, 5.3.2, 4.2.4 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Execute unauthorized code or commands
    Assigner
    References
    Impacted products
    Vendor Product Version
    Fortinet FortiExtender Affected: 7.0.0 , ≤ 7.0.3 (semver)
    Affected: 5.3.2
    Affected: 4.2.0 , ≤ 4.2.4 (semver)
    Affected: 4.1.1 , ≤ 4.1.8 (semver)
    Affected: 4.0.0 , ≤ 4.0.2 (semver)
    Affected: 3.3.0 , ≤ 3.3.2 (semver)
    Affected: 3.2.1 , ≤ 3.2.3 (semver)
    Affected: 3.1.0 , ≤ 3.1.2 (semver)
    Affected: 3.0.0 , ≤ 3.0.2 (semver)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T05:32:57.924Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "https://fortiguard.com/psirt/FG-IR-22-048",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://fortiguard.com/psirt/FG-IR-22-048"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-27489",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-23T14:11:42.419938Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-23T14:46:25.263Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "FortiExtender",
              "vendor": "Fortinet",
              "versions": [
                {
                  "lessThanOrEqual": "7.0.3",
                  "status": "affected",
                  "version": "7.0.0",
                  "versionType": "semver"
                },
                {
                  "status": "affected",
                  "version": "5.3.2"
                },
                {
                  "lessThanOrEqual": "4.2.4",
                  "status": "affected",
                  "version": "4.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "4.1.8",
                  "status": "affected",
                  "version": "4.1.1",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "4.0.2",
                  "status": "affected",
                  "version": "4.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "3.3.2",
                  "status": "affected",
                  "version": "3.3.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "3.2.3",
                  "status": "affected",
                  "version": "3.2.1",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "3.1.2",
                  "status": "affected",
                  "version": "3.1.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "3.0.2",
                  "status": "affected",
                  "version": "3.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A improper neutralization of special elements used in an os command (\u0027os command injection\u0027) in Fortinet FortiExtender 7.0.0 through 7.0.3, 5.3.2, 4.2.4 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:U/RC:C",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "Execute unauthorized code or commands",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-02-16T18:06:40.150Z",
            "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
            "shortName": "fortinet"
          },
          "references": [
            {
              "name": "https://fortiguard.com/psirt/FG-IR-22-048",
              "url": "https://fortiguard.com/psirt/FG-IR-22-048"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to FortiExtender version 7.2.0 and above\r\nUpgrade to FortiExtender version 7.0.4 and above\r\nUpgrade to FortiExtender upcoming version 4.2.5 and above\r\nUpgrade to FortiExtender upcoming version 4.1.9 and above\r\nUpgrade to FortiExtender upcoming version 4.0.3 and above\r\nUpgrade to FortiExtender version 3.3.3 and above\r\nUpgrade to FortiExtender version 3.2.4 and above"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
        "assignerShortName": "fortinet",
        "cveId": "CVE-2022-27489",
        "datePublished": "2023-02-16T18:06:40.150Z",
        "dateReserved": "2022-03-21T16:03:48.575Z",
        "dateUpdated": "2024-10-23T14:46:25.263Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-15710 (GCVE-0-2019-15710)

    Vulnerability from nvd – Published: 2019-10-31 19:26 – Updated: 2024-10-25 14:28
    VLAI
    Summary
    An OS command injection vulnerability in FortiExtender 4.1.0 to 4.1.1, 4.0.0 and below under CLI admin console may allow unauthorized administrators to run arbitrary system level commands via specially crafted "execute date" commands.
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Execute unauthorized code or commands
    Assigner
    References
    URL Tags
    https://fortiguard.com/psirt/FG-IR-19-273 x_refsource_CONFIRM
    Impacted products
    Vendor Product Version
    Fortinet FortiExtender Affected: 4.1.0 to 4.1.1
    Affected: 4.0.0 and below
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T00:56:22.396Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://fortiguard.com/psirt/FG-IR-19-273"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2019-15710",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-24T20:03:49.759787Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-25T14:28:08.293Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "FortiExtender",
              "vendor": "Fortinet",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.1.0 to 4.1.1"
                },
                {
                  "status": "affected",
                  "version": "4.0.0 and below"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An OS command injection vulnerability in FortiExtender 4.1.0 to 4.1.1, 4.0.0 and below under CLI admin console may allow unauthorized administrators to run arbitrary system level commands via specially crafted \"execute date\" commands."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Execute unauthorized code or commands",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-11-04T18:51:39.000Z",
            "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
            "shortName": "fortinet"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://fortiguard.com/psirt/FG-IR-19-273"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@fortinet.com",
              "ID": "CVE-2019-15710",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "FortiExtender",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "4.1.0 to 4.1.1"
                              },
                              {
                                "version_value": "4.0.0 and below"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Fortinet"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An OS command injection vulnerability in FortiExtender 4.1.0 to 4.1.1, 4.0.0 and below under CLI admin console may allow unauthorized administrators to run arbitrary system level commands via specially crafted \"execute date\" commands."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Execute unauthorized code or commands"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://fortiguard.com/psirt/FG-IR-19-273",
                  "refsource": "CONFIRM",
                  "url": "https://fortiguard.com/psirt/FG-IR-19-273"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
        "assignerShortName": "fortinet",
        "cveId": "CVE-2019-15710",
        "datePublished": "2019-10-31T19:26:14.000Z",
        "dateReserved": "2019-08-27T00:00:00.000Z",
        "dateUpdated": "2024-10-25T14:28:08.293Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-64153 (GCVE-0-2025-64153)

    Vulnerability from cvelistv5 – Published: 2025-12-09 17:18 – Updated: 2026-01-14 09:17
    VLAI
    Summary
    A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiExtender 7.6.0 through 7.6.3, FortiExtender 7.4.0 through 7.4.7, FortiExtender 7.2 all versions, FortiExtender 7.0 all versions may allow an authenticated attacker to execute unauthorized code or commands via a specific HTTP request.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Execute unauthorized code or commands
    Assigner
    References
    Impacted products
    Vendor Product Version
    Fortinet FortiExtender Affected: 7.6.0 , ≤ 7.6.3 (semver)
    Affected: 7.4.0 , ≤ 7.4.7 (semver)
    Affected: 7.2.0 , ≤ 7.2.5 (semver)
    Affected: 7.0.0 , ≤ 7.0.5 (semver)
        cpe:2.3:a:fortinet:fortiextender:7.6.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.6.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.6.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.6.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.4.7:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.4.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.4.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.4.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.4.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.4.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.4.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.4.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.2.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.2.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.2.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.2.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.2.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.2.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.0.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.0.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.0.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.0.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.0.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-64153",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-12-09T20:21:16.823596Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-12-09T20:43:33.205Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:fortinet:fortiextender:7.6.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.6.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.6.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.6.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.4.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.4.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.4.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.4.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.4.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.4.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.4.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.4.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.0.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.0.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.0.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.0.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.0.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.0.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "FortiExtender",
              "vendor": "Fortinet",
              "versions": [
                {
                  "lessThanOrEqual": "7.6.3",
                  "status": "affected",
                  "version": "7.6.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "7.4.7",
                  "status": "affected",
                  "version": "7.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "7.2.5",
                  "status": "affected",
                  "version": "7.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "7.0.5",
                  "status": "affected",
                  "version": "7.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A improper neutralization of special elements used in an os command (\u0027os command injection\u0027) in Fortinet FortiExtender 7.6.0 through 7.6.3, FortiExtender 7.4.0 through 7.4.7, FortiExtender 7.2 all versions, FortiExtender 7.0 all versions may allow an authenticated attacker to execute unauthorized code or commands via a specific HTTP request."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "Execute unauthorized code or commands",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-14T09:17:27.371Z",
            "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
            "shortName": "fortinet"
          },
          "references": [
            {
              "name": "https://fortiguard.fortinet.com/psirt/FG-IR-25-739",
              "url": "https://fortiguard.fortinet.com/psirt/FG-IR-25-739"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to FortiExtender version 7.6.4 or above\nUpgrade to FortiExtender version 7.4.8 or above"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
        "assignerShortName": "fortinet",
        "cveId": "CVE-2025-64153",
        "datePublished": "2025-12-09T17:18:45.909Z",
        "dateReserved": "2025-10-28T12:26:50.749Z",
        "dateUpdated": "2026-01-14T09:17:27.371Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-46776 (GCVE-0-2025-46776)

    Vulnerability from cvelistv5 – Published: 2025-11-18 17:01 – Updated: 2026-01-14 09:17
    VLAI
    Summary
    A buffer copy without checking size of input ('classic buffer overflow') vulnerability in Fortinet FortiExtender 7.6.0 through 7.6.1, FortiExtender 7.4.0 through 7.4.6, FortiExtender 7.2 all versions, FortiExtender 7.0 all versions may allow an authenticated user to execute arbitrary code or commands via crafted CLI commands.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-120 - Escalation of privilege
    Assigner
    References
    Impacted products
    Vendor Product Version
    Fortinet FortiExtender Affected: 7.6.0 , ≤ 7.6.1 (semver)
    Affected: 7.4.0 , ≤ 7.4.6 (semver)
    Affected: 7.2.0 , ≤ 7.2.5 (semver)
    Affected: 7.0.0 , ≤ 7.0.5 (semver)
        cpe:2.3:a:fortinet:fortiextender:7.6.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.6.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.4.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.4.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.4.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.4.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.4.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.4.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.4.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.2.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.2.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.2.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.2.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.2.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.2.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.0.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.0.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.0.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.0.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.0.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-46776",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-11-18T18:33:55.201822Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-11-18T18:34:05.679Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:fortinet:fortiextender:7.6.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.6.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.4.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.4.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.4.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.4.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.4.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.4.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.4.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.0.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.0.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.0.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.0.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.0.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.0.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "FortiExtender",
              "vendor": "Fortinet",
              "versions": [
                {
                  "lessThanOrEqual": "7.6.1",
                  "status": "affected",
                  "version": "7.6.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "7.4.6",
                  "status": "affected",
                  "version": "7.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "7.2.5",
                  "status": "affected",
                  "version": "7.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "7.0.5",
                  "status": "affected",
                  "version": "7.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A buffer copy without checking size of input (\u0027classic buffer overflow\u0027) vulnerability in Fortinet FortiExtender 7.6.0 through 7.6.1, FortiExtender 7.4.0 through 7.4.6, FortiExtender 7.2 all versions, FortiExtender 7.0 all versions may allow an authenticated user to execute arbitrary code or commands via crafted CLI commands."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:U/RC:C",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-120",
                  "description": "Escalation of privilege",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-14T09:17:05.351Z",
            "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
            "shortName": "fortinet"
          },
          "references": [
            {
              "name": "https://fortiguard.fortinet.com/psirt/FG-IR-25-251",
              "url": "https://fortiguard.fortinet.com/psirt/FG-IR-25-251"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to FortiExtender version 7.6.3 or above\nUpgrade to FortiExtender version 7.4.8 or above"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
        "assignerShortName": "fortinet",
        "cveId": "CVE-2025-46776",
        "datePublished": "2025-11-18T17:01:17.437Z",
        "dateReserved": "2025-04-29T08:42:13.449Z",
        "dateUpdated": "2026-01-14T09:17:05.351Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-46775 (GCVE-0-2025-46775)

    Vulnerability from cvelistv5 – Published: 2025-11-18 17:01 – Updated: 2026-01-14 09:15
    VLAI
    Summary
    A debug messages revealing unnecessary information vulnerability in Fortinet FortiExtender 7.6.0 through 7.6.1, FortiExtender 7.4.0 through 7.4.6, FortiExtender 7.2 all versions, FortiExtender 7.0 all versions may allow an authenticated user to obtain administrator credentials via debug log commands.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Fortinet FortiExtender Affected: 7.6.0 , ≤ 7.6.1 (semver)
    Affected: 7.4.0 , ≤ 7.4.6 (semver)
    Affected: 7.2.0 , ≤ 7.2.5 (semver)
    Affected: 7.0.0 , ≤ 7.0.5 (semver)
        cpe:2.3:a:fortinet:fortiextender:7.6.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.6.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.4.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.4.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.4.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.4.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.4.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.4.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.4.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.2.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.2.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.2.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.2.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.2.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.2.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.0.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.0.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.0.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.0.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.0.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiextender:7.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-46775",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-11-18T18:33:30.741688Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-11-18T18:33:37.068Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:fortinet:fortiextender:7.6.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.6.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.4.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.4.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.4.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.4.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.4.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.4.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.4.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.0.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.0.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.0.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.0.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.0.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiextender:7.0.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "FortiExtender",
              "vendor": "Fortinet",
              "versions": [
                {
                  "lessThanOrEqual": "7.6.1",
                  "status": "affected",
                  "version": "7.6.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "7.4.6",
                  "status": "affected",
                  "version": "7.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "7.2.5",
                  "status": "affected",
                  "version": "7.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "7.0.5",
                  "status": "affected",
                  "version": "7.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A debug messages revealing unnecessary information vulnerability in Fortinet FortiExtender 7.6.0 through 7.6.1, FortiExtender 7.4.0 through 7.4.6, FortiExtender 7.2 all versions, FortiExtender 7.0 all versions may allow an authenticated user to obtain administrator credentials via debug log commands."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 5.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:U/RC:C",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1295",
                  "description": "Information disclosure",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-14T09:15:50.464Z",
            "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
            "shortName": "fortinet"
          },
          "references": [
            {
              "name": "https://fortiguard.fortinet.com/psirt/FG-IR-25-259",
              "url": "https://fortiguard.fortinet.com/psirt/FG-IR-25-259"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to FortiExtender version 7.6.3 or above\nUpgrade to FortiExtender version 7.4.8 or above"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
        "assignerShortName": "fortinet",
        "cveId": "CVE-2025-46775",
        "datePublished": "2025-11-18T17:01:17.364Z",
        "dateReserved": "2025-04-29T08:42:13.449Z",
        "dateUpdated": "2026-01-14T09:15:50.464Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-23663 (GCVE-0-2024-23663)

    Vulnerability from cvelistv5 – Published: 2024-07-09 15:33 – Updated: 2024-08-01 23:06
    VLAI
    Summary
    An improper access control in Fortinet FortiExtender 4.1.1 - 4.1.9, 4.2.0 - 4.2.6, 5.3.2, 7.0.0 - 7.0.4, 7.2.0 - 7.2.4 and 7.4.0 - 7.4.2 allows an attacker to create users with elevated privileges via a crafted HTTP request.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-284 - Improper access control
    Assigner
    References
    Impacted products
    Vendor Product Version
    Fortinet FortiExtender Affected: 7.4.0 , ≤ 7.4.2 (semver)
    Affected: 7.2.0 , ≤ 7.2.4 (semver)
    Affected: 7.0.0 , ≤ 7.0.4 (semver)
    Create a notification for this product.
    fortinet fortiextender Affected: 7.4.0 , < 7.4.2 (custom)
    Affected: 7.2.0 , < 7.2.4 (custom)
    Affected: 7.0.0 , < 7.0.4 (custom)
        cpe:2.3:h:fortinet:fortiextender:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:fortinet:fortiextender:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "fortiextender",
                "vendor": "fortinet",
                "versions": [
                  {
                    "lessThan": "7.4.2",
                    "status": "affected",
                    "version": "7.4.0",
                    "versionType": "custom"
                  },
                  {
                    "lessThan": "7.2.4",
                    "status": "affected",
                    "version": "7.2.0",
                    "versionType": "custom"
                  },
                  {
                    "lessThan": "7.0.4",
                    "status": "affected",
                    "version": "7.0.0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-23663",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-09T17:43:01.015107Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-09T17:44:51.463Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T23:06:25.354Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "https://fortiguard.com/psirt/FG-IR-23-459",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://fortiguard.com/psirt/FG-IR-23-459"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "FortiExtender",
              "vendor": "Fortinet",
              "versions": [
                {
                  "lessThanOrEqual": "7.4.2",
                  "status": "affected",
                  "version": "7.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "7.2.4",
                  "status": "affected",
                  "version": "7.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "7.0.4",
                  "status": "affected",
                  "version": "7.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An improper access control in Fortinet FortiExtender 4.1.1 - 4.1.9, 4.2.0 - 4.2.6, 5.3.2, 7.0.0 - 7.0.4, 7.2.0 - 7.2.4 and 7.4.0 - 7.4.2 allows an attacker to create users with elevated privileges via a crafted HTTP request."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:X/RC:X",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "Improper access control",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-09T15:33:31.512Z",
            "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
            "shortName": "fortinet"
          },
          "references": [
            {
              "name": "https://fortiguard.com/psirt/FG-IR-23-459",
              "url": "https://fortiguard.com/psirt/FG-IR-23-459"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Please upgrade to FortiExtender version 7.4.3 or above \nPlease upgrade to FortiExtender version 7.2.5 or above \nPlease upgrade to FortiExtender version 7.0.5 or above \n"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
        "assignerShortName": "fortinet",
        "cveId": "CVE-2024-23663",
        "datePublished": "2024-07-09T15:33:31.512Z",
        "dateReserved": "2024-01-19T08:23:28.612Z",
        "dateUpdated": "2024-08-01T23:06:25.354Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-23447 (GCVE-0-2022-23447)

    Vulnerability from cvelistv5 – Published: 2023-07-11 16:52 – Updated: 2024-10-23 14:25
    VLAI
    Summary
    An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability [CWE-22] in FortiExtender management interface 7.0.0 through 7.0.3, 4.2.0 through 4.2.4, 4.1.1 through 4.1.8, 4.0.0 through 4.0.2, 3.3.0 through 3.3.2, 3.2.1 through 3.2.3, 5.3 all versions may allow an unauthenticated and remote attacker to retrieve arbitrary files from the underlying filesystem via specially crafted web requests.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-22 - Information disclosure
    Assigner
    References
    Impacted products
    Vendor Product Version
    Fortinet FortiExtender Affected: 7.0.0 , ≤ 7.0.3 (semver)
    Affected: 5.3.2
    Affected: 4.2.0 , ≤ 4.2.4 (semver)
    Affected: 4.1.1 , ≤ 4.1.8 (semver)
    Affected: 4.0.0 , ≤ 4.0.2 (semver)
    Affected: 3.3.0 , ≤ 3.3.2 (semver)
    Affected: 3.2.1 , ≤ 3.2.3 (semver)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T03:43:46.110Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "https://fortiguard.com/psirt/FG-IR-22-039",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://fortiguard.com/psirt/FG-IR-22-039"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-23447",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-23T14:15:33.419696Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-23T14:25:28.182Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "FortiExtender",
              "vendor": "Fortinet",
              "versions": [
                {
                  "lessThanOrEqual": "7.0.3",
                  "status": "affected",
                  "version": "7.0.0",
                  "versionType": "semver"
                },
                {
                  "status": "affected",
                  "version": "5.3.2"
                },
                {
                  "lessThanOrEqual": "4.2.4",
                  "status": "affected",
                  "version": "4.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "4.1.8",
                  "status": "affected",
                  "version": "4.1.1",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "4.0.2",
                  "status": "affected",
                  "version": "4.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "3.3.2",
                  "status": "affected",
                  "version": "3.3.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "3.2.3",
                  "status": "affected",
                  "version": "3.2.1",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An improper limitation of a pathname to a restricted directory (\u0027Path Traversal\u0027) vulnerability [CWE-22] in FortiExtender management interface  7.0.0 through 7.0.3, 4.2.0 through 4.2.4, 4.1.1 through 4.1.8, 4.0.0 through 4.0.2, 3.3.0 through 3.3.2, 3.2.1 through 3.2.3, 5.3 all versions may allow an unauthenticated and remote attacker to retrieve\u00a0arbitrary files from the underlying filesystem via specially crafted web requests."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:F/RL:U/RC:C",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "Information disclosure",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-07-11T16:52:42.353Z",
            "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
            "shortName": "fortinet"
          },
          "references": [
            {
              "name": "https://fortiguard.com/psirt/FG-IR-22-039",
              "url": "https://fortiguard.com/psirt/FG-IR-22-039"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Please upgrade to FortiExtender version 7.2.0 or above Please upgrade to FortiExtender version 7.0.4 or above Please upgrade to FortiExtender version 4.2.5 or above Please upgrade to FortiExtender version 4.1.9 or above Please upgrade to FortiExtender version 4.0.3 or above Please upgrade to FortiExtender version 3.3.3 or above Please upgrade to FortiExtender version 3.2.4 or above "
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
        "assignerShortName": "fortinet",
        "cveId": "CVE-2022-23447",
        "datePublished": "2023-07-11T16:52:42.353Z",
        "dateReserved": "2022-01-19T07:38:03.514Z",
        "dateUpdated": "2024-10-23T14:25:28.182Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-27489 (GCVE-0-2022-27489)

    Vulnerability from cvelistv5 – Published: 2023-02-16 18:06 – Updated: 2024-10-23 14:46
    VLAI
    Summary
    A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiExtender 7.0.0 through 7.0.3, 5.3.2, 4.2.4 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Execute unauthorized code or commands
    Assigner
    References
    Impacted products
    Vendor Product Version
    Fortinet FortiExtender Affected: 7.0.0 , ≤ 7.0.3 (semver)
    Affected: 5.3.2
    Affected: 4.2.0 , ≤ 4.2.4 (semver)
    Affected: 4.1.1 , ≤ 4.1.8 (semver)
    Affected: 4.0.0 , ≤ 4.0.2 (semver)
    Affected: 3.3.0 , ≤ 3.3.2 (semver)
    Affected: 3.2.1 , ≤ 3.2.3 (semver)
    Affected: 3.1.0 , ≤ 3.1.2 (semver)
    Affected: 3.0.0 , ≤ 3.0.2 (semver)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T05:32:57.924Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "https://fortiguard.com/psirt/FG-IR-22-048",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://fortiguard.com/psirt/FG-IR-22-048"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-27489",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-23T14:11:42.419938Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-23T14:46:25.263Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "FortiExtender",
              "vendor": "Fortinet",
              "versions": [
                {
                  "lessThanOrEqual": "7.0.3",
                  "status": "affected",
                  "version": "7.0.0",
                  "versionType": "semver"
                },
                {
                  "status": "affected",
                  "version": "5.3.2"
                },
                {
                  "lessThanOrEqual": "4.2.4",
                  "status": "affected",
                  "version": "4.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "4.1.8",
                  "status": "affected",
                  "version": "4.1.1",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "4.0.2",
                  "status": "affected",
                  "version": "4.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "3.3.2",
                  "status": "affected",
                  "version": "3.3.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "3.2.3",
                  "status": "affected",
                  "version": "3.2.1",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "3.1.2",
                  "status": "affected",
                  "version": "3.1.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "3.0.2",
                  "status": "affected",
                  "version": "3.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A improper neutralization of special elements used in an os command (\u0027os command injection\u0027) in Fortinet FortiExtender 7.0.0 through 7.0.3, 5.3.2, 4.2.4 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:U/RC:C",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "Execute unauthorized code or commands",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-02-16T18:06:40.150Z",
            "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
            "shortName": "fortinet"
          },
          "references": [
            {
              "name": "https://fortiguard.com/psirt/FG-IR-22-048",
              "url": "https://fortiguard.com/psirt/FG-IR-22-048"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to FortiExtender version 7.2.0 and above\r\nUpgrade to FortiExtender version 7.0.4 and above\r\nUpgrade to FortiExtender upcoming version 4.2.5 and above\r\nUpgrade to FortiExtender upcoming version 4.1.9 and above\r\nUpgrade to FortiExtender upcoming version 4.0.3 and above\r\nUpgrade to FortiExtender version 3.3.3 and above\r\nUpgrade to FortiExtender version 3.2.4 and above"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
        "assignerShortName": "fortinet",
        "cveId": "CVE-2022-27489",
        "datePublished": "2023-02-16T18:06:40.150Z",
        "dateReserved": "2022-03-21T16:03:48.575Z",
        "dateUpdated": "2024-10-23T14:46:25.263Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-15710 (GCVE-0-2019-15710)

    Vulnerability from cvelistv5 – Published: 2019-10-31 19:26 – Updated: 2024-10-25 14:28
    VLAI
    Summary
    An OS command injection vulnerability in FortiExtender 4.1.0 to 4.1.1, 4.0.0 and below under CLI admin console may allow unauthorized administrators to run arbitrary system level commands via specially crafted "execute date" commands.
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Execute unauthorized code or commands
    Assigner
    References
    URL Tags
    https://fortiguard.com/psirt/FG-IR-19-273 x_refsource_CONFIRM
    Impacted products
    Vendor Product Version
    Fortinet FortiExtender Affected: 4.1.0 to 4.1.1
    Affected: 4.0.0 and below
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T00:56:22.396Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://fortiguard.com/psirt/FG-IR-19-273"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2019-15710",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-24T20:03:49.759787Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-25T14:28:08.293Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "FortiExtender",
              "vendor": "Fortinet",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.1.0 to 4.1.1"
                },
                {
                  "status": "affected",
                  "version": "4.0.0 and below"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An OS command injection vulnerability in FortiExtender 4.1.0 to 4.1.1, 4.0.0 and below under CLI admin console may allow unauthorized administrators to run arbitrary system level commands via specially crafted \"execute date\" commands."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Execute unauthorized code or commands",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-11-04T18:51:39.000Z",
            "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
            "shortName": "fortinet"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://fortiguard.com/psirt/FG-IR-19-273"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@fortinet.com",
              "ID": "CVE-2019-15710",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "FortiExtender",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "4.1.0 to 4.1.1"
                              },
                              {
                                "version_value": "4.0.0 and below"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Fortinet"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An OS command injection vulnerability in FortiExtender 4.1.0 to 4.1.1, 4.0.0 and below under CLI admin console may allow unauthorized administrators to run arbitrary system level commands via specially crafted \"execute date\" commands."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Execute unauthorized code or commands"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://fortiguard.com/psirt/FG-IR-19-273",
                  "refsource": "CONFIRM",
                  "url": "https://fortiguard.com/psirt/FG-IR-19-273"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
        "assignerShortName": "fortinet",
        "cveId": "CVE-2019-15710",
        "datePublished": "2019-10-31T19:26:14.000Z",
        "dateReserved": "2019-08-27T00:00:00.000Z",
        "dateUpdated": "2024-10-25T14:28:08.293Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    VAR-202302-1493

    Vulnerability from variot - Updated: 2023-12-18 13:31

    A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiExtender 7.0.0 through 7.0.3, 5.3.2, 4.2.4 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests. fortinet's FortiExtender The firmware has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202302-1493",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "fortiextender",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "4.1.9"
          },
          {
            "model": "fortiextender",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "3.0.0"
          },
          {
            "model": "fortiextender",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "3.1.0"
          },
          {
            "model": "fortiextender",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "5.3.2"
          },
          {
            "model": "fortiextender",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "3.2.4"
          },
          {
            "model": "fortiextender",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "7.0.0"
          },
          {
            "model": "fortiextender",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "4.2.0"
          },
          {
            "model": "fortiextender",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "3.2.1"
          },
          {
            "model": "fortiextender",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "4.2.5"
          },
          {
            "model": "fortiextender",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "3.3.0"
          },
          {
            "model": "fortiextender",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "3.3.3"
          },
          {
            "model": "fortiextender",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "3.0.1"
          },
          {
            "model": "fortiextender",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "4.1.1"
          },
          {
            "model": "fortiextender",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "7.0.4"
          },
          {
            "model": "fortiextender",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "3.0.2"
          },
          {
            "model": "fortiextender",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "3.1.1"
          },
          {
            "model": "fortiextender",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "\u30d5\u30a9\u30fc\u30c6\u30a3\u30cd\u30c3\u30c8",
            "version": "fortiextender  firmware  4.1.1  that\u0027s all  4.1.9"
          },
          {
            "model": "fortiextender",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "\u30d5\u30a9\u30fc\u30c6\u30a3\u30cd\u30c3\u30c8",
            "version": "fortiextender  firmware  4.2.0  that\u0027s all  4.2.5"
          },
          {
            "model": "fortiextender",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "\u30d5\u30a9\u30fc\u30c6\u30a3\u30cd\u30c3\u30c8",
            "version": "fortiextender  firmware  3.0.2"
          },
          {
            "model": "fortiextender",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "\u30d5\u30a9\u30fc\u30c6\u30a3\u30cd\u30c3\u30c8",
            "version": null
          },
          {
            "model": "fortiextender",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "\u30d5\u30a9\u30fc\u30c6\u30a3\u30cd\u30c3\u30c8",
            "version": "fortiextender  firmware  3.0.1"
          },
          {
            "model": "fortiextender",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "\u30d5\u30a9\u30fc\u30c6\u30a3\u30cd\u30c3\u30c8",
            "version": "fortiextender  firmware  3.1.0"
          },
          {
            "model": "fortiextender",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "\u30d5\u30a9\u30fc\u30c6\u30a3\u30cd\u30c3\u30c8",
            "version": "fortiextender  firmware  3.3.0  that\u0027s all  3.3.3"
          },
          {
            "model": "fortiextender",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "\u30d5\u30a9\u30fc\u30c6\u30a3\u30cd\u30c3\u30c8",
            "version": "fortiextender  firmware  7.0.0  that\u0027s all  7.0.4"
          },
          {
            "model": "fortiextender",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "\u30d5\u30a9\u30fc\u30c6\u30a3\u30cd\u30c3\u30c8",
            "version": "fortiextender  firmware  3.2.1  that\u0027s all  3.2.4"
          },
          {
            "model": "fortiextender",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "\u30d5\u30a9\u30fc\u30c6\u30a3\u30cd\u30c3\u30c8",
            "version": "fortiextender  firmware  3.1.1"
          },
          {
            "model": "fortiextender",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "\u30d5\u30a9\u30fc\u30c6\u30a3\u30cd\u30c3\u30c8",
            "version": "fortiextender  firmware  3.0.0"
          },
          {
            "model": "fortiextender",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "\u30d5\u30a9\u30fc\u30c6\u30a3\u30cd\u30c3\u30c8",
            "version": "fortiextender  firmware  5.3.2"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-004478"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-27489"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:fortinet:fortiextender_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndExcluding": "3.2.4",
                        "versionStartIncluding": "3.2.1",
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:fortinet:fortiextender_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndExcluding": "3.3.3",
                        "versionStartIncluding": "3.3.0",
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:fortinet:fortiextender_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndExcluding": "4.1.9",
                        "versionStartIncluding": "4.1.1",
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:fortinet:fortiextender_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndExcluding": "4.2.5",
                        "versionStartIncluding": "4.2.0",
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:fortinet:fortiextender_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndExcluding": "7.0.4",
                        "versionStartIncluding": "7.0.0",
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:fortinet:fortiextender_firmware:3.0.0:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:fortinet:fortiextender_firmware:3.0.1:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:fortinet:fortiextender_firmware:3.0.2:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:fortinet:fortiextender_firmware:3.1.0:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:fortinet:fortiextender_firmware:3.1.1:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:fortinet:fortiextender_firmware:5.3.2:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:fortinet:fortiextender:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2022-27489"
          }
        ]
      },
      "cve": "CVE-2022-27489",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 2.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.2,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2022-27489",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2022-27489",
                "trust": 1.8,
                "value": "HIGH"
              },
              {
                "author": "psirt@fortinet.com",
                "id": "CVE-2022-27489",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202302-1448",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-004478"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-27489"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-27489"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202302-1448"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A improper neutralization of special elements used in an os command (\u0027os command injection\u0027) in Fortinet FortiExtender 7.0.0 through 7.0.3, 5.3.2, 4.2.4 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests. fortinet\u0027s FortiExtender The firmware has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2022-27489"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-004478"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-27489"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2022-27489",
            "trust": 3.3
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-004478",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202302-1448",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-27489",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2022-27489"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-004478"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-27489"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202302-1448"
          }
        ]
      },
      "id": "VAR-202302-1493",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.75
      },
      "last_update_date": "2023-12-18T13:31:40.242000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "fortiguard.com\u00a0(FG-IR-22-048)",
            "trust": 0.8,
            "url": "https://fortiguard.com/psirt/fg-ir-22-048"
          },
          {
            "title": "Fortinet FortiExtender Fixes for operating system command injection vulnerabilities",
            "trust": 0.6,
            "url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=226814"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-004478"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202302-1448"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-78",
            "trust": 1.0
          },
          {
            "problemtype": "OS Command injection (CWE-78) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-004478"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-27489"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "https://fortiguard.com/psirt/fg-ir-22-048"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2022-27489"
          },
          {
            "trust": 0.6,
            "url": "https://cxsecurity.com/cveshow/cve-2022-27489/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2022-27489"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-004478"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-27489"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202302-1448"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULMON",
            "id": "CVE-2022-27489"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-004478"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-27489"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202302-1448"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2023-02-16T00:00:00",
            "db": "VULMON",
            "id": "CVE-2022-27489"
          },
          {
            "date": "2023-10-30T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2023-004478"
          },
          {
            "date": "2023-02-16T19:15:12.190000",
            "db": "NVD",
            "id": "CVE-2022-27489"
          },
          {
            "date": "2023-02-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202302-1448"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2023-02-16T00:00:00",
            "db": "VULMON",
            "id": "CVE-2022-27489"
          },
          {
            "date": "2023-10-30T07:37:00",
            "db": "JVNDB",
            "id": "JVNDB-2023-004478"
          },
          {
            "date": "2023-11-07T03:45:20.570000",
            "db": "NVD",
            "id": "CVE-2022-27489"
          },
          {
            "date": "2023-02-27T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202302-1448"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202302-1448"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "fortinet\u0027s \u00a0FortiExtender\u00a0 in the firmware \u00a0OS\u00a0 Command injection vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-004478"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "operating system commend injection",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202302-1448"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201910-1238

    Vulnerability from variot - Updated: 2023-12-18 13:23

    An OS command injection vulnerability in FortiExtender 4.1.0 to 4.1.1, 4.0.0 and below under CLI admin console may allow unauthorized administrators to run arbitrary system level commands via specially crafted "execute date" commands. FortiExtender Is OS A command injection vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Fortinet FortiExtender is a wireless WAN (Wide Area Network) expander from Fortinet.

    There are operating system command injection vulnerabilities in Fortinet FortiExtender versions prior to 4.1.2. This vulnerability is caused by external input data constructing operating system executable commands. Network systems or products do not properly filter special characters, commands, etc., which can be exploited by attackers. This vulnerability performs an illegal operating system command

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201910-1238",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "fortiextender",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "fortiguard",
            "version": "4.1.1"
          },
          {
            "model": "fortiextender",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "fortinet",
            "version": "4.0.0"
          },
          {
            "model": "fortiextender",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "fortinet",
            "version": "4.1.0 to  4.1.1"
          },
          {
            "model": "fortiextender",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "fortinet",
            "version": "4.1.2"
          },
          {
            "model": "fortiextender",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "fortiguard",
            "version": "4.1.1"
          },
          {
            "model": "fortiextender",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "fortiguard",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-39943"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011533"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-15710"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201910-1570"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:fortiguard:fortiextender_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndIncluding": "4.1.1",
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:fortiguard:fortiextender:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-15710"
          }
        ]
      },
      "cve": "CVE-2019-15710",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "NVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 9.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "CVE-2019-15710",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CNVD-2019-39943",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.2,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2019-15710",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2019-15710",
                "trust": 1.8,
                "value": "HIGH"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2019-39943",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201910-1570",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-39943"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011533"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-15710"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201910-1570"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "An OS command injection vulnerability in FortiExtender 4.1.0 to 4.1.1, 4.0.0 and below under CLI admin console may allow unauthorized administrators to run arbitrary system level commands via specially crafted \"execute date\" commands. FortiExtender Is OS A command injection vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Fortinet FortiExtender is a wireless WAN (Wide Area Network) expander from Fortinet. \n\nThere are operating system command injection vulnerabilities in Fortinet FortiExtender versions prior to 4.1.2. This vulnerability is caused by external input data constructing operating system executable commands. Network systems or products do not properly filter special characters, commands, etc., which can be exploited by attackers. This vulnerability performs an illegal operating system command",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-15710"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011533"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-39943"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-15710",
            "trust": 3.0
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2019.3985",
            "trust": 1.2
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011533",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-39943",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201910-1570",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-39943"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011533"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-15710"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201910-1570"
          }
        ]
      },
      "id": "VAR-201910-1238",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-39943"
          }
        ],
        "trust": 1.35
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-39943"
          }
        ]
      },
      "last_update_date": "2023-12-18T13:23:31.280000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "FG-IR-19-273",
            "trust": 0.8,
            "url": "https://fortiguard.com/psirt/fg-ir-19-273"
          },
          {
            "title": "Patch for Fortinet FortiExtender Operating System Command Injection Vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/189487"
          },
          {
            "title": "Fortinet FortiExtender Fixes for operating system command injection vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=101438"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-39943"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011533"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201910-1570"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-78",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011533"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-15710"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.2,
            "url": "https://fortiguard.com/psirt/fg-ir-19-273"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-15710"
          },
          {
            "trust": 1.2,
            "url": "https://www.auscert.org.au/bulletins/esb-2019.3985/"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-15710"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-39943"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011533"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-15710"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201910-1570"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-39943"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-011533"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-15710"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201910-1570"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-11-11T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-39943"
          },
          {
            "date": "2019-11-12T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-011533"
          },
          {
            "date": "2019-10-31T20:15:11.100000",
            "db": "NVD",
            "id": "CVE-2019-15710"
          },
          {
            "date": "2019-10-29T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201910-1570"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-11-11T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-39943"
          },
          {
            "date": "2019-11-12T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-011533"
          },
          {
            "date": "2019-11-06T16:04:29.057000",
            "db": "NVD",
            "id": "CVE-2019-15710"
          },
          {
            "date": "2019-11-15T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201910-1570"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201910-1570"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Fortinet FortiExtender Operating System Command Injection Vulnerability",
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-39943"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201910-1570"
          }
        ],
        "trust": 1.2
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "operating system commend injection",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201910-1570"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202307-1027

    Vulnerability from variot - Updated: 2023-12-18 13:11

    An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability [CWE-22] in FortiExtender management interface 7.0.0 through 7.0.3, 4.2.0 through 4.2.4, 4.1.1 through 4.1.8, 4.0.0 through 4.0.2, 3.3.0 through 3.3.2, 3.2.1 through 3.2.3, 5.3 all versions may allow an unauthenticated and remote attacker to retrieve arbitrary files from the underlying filesystem via specially crafted web requests

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202307-1027",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "fortiextender",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "4.1.9"
          },
          {
            "model": "fortiextender",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "5.3.2"
          },
          {
            "model": "fortiextender",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "3.2.4"
          },
          {
            "model": "fortiextender",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "7.0.0"
          },
          {
            "model": "fortiextender",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "3.2.1"
          },
          {
            "model": "fortiextender",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "4.2.0"
          },
          {
            "model": "fortiextender",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "3.3.3"
          },
          {
            "model": "fortiextender",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "3.3.0"
          },
          {
            "model": "fortiextender",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "4.2.5"
          },
          {
            "model": "fortiextender",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "4.1.1"
          },
          {
            "model": "fortiextender",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "7.0.4"
          },
          {
            "model": "fortiextender",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "4.0.3"
          },
          {
            "model": "fortiextender",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "4.0.0"
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2022-23447"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:fortinet:fortiextender_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndExcluding": "3.2.4",
                        "versionStartIncluding": "3.2.1",
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:fortinet:fortiextender_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndExcluding": "3.3.3",
                        "versionStartIncluding": "3.3.0",
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:fortinet:fortiextender_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndExcluding": "4.0.3",
                        "versionStartIncluding": "4.0.0",
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:fortinet:fortiextender_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndExcluding": "4.1.9",
                        "versionStartIncluding": "4.1.1",
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:fortinet:fortiextender_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndExcluding": "4.2.5",
                        "versionStartIncluding": "4.2.0",
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:fortinet:fortiextender_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndExcluding": "7.0.4",
                        "versionStartIncluding": "7.0.0",
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:fortinet:fortiextender_firmware:5.3.2:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:fortinet:fortiextender:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2022-23447"
          }
        ]
      },
      "cve": "CVE-2022-23447",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 2.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2022-23447",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "psirt@fortinet.com",
                "id": "CVE-2022-23447",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202307-793",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2022-23447"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-23447"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202307-793"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "An improper limitation of a pathname to a restricted directory (\u0027Path Traversal\u0027) vulnerability [CWE-22] in FortiExtender management interface  7.0.0 through 7.0.3, 4.2.0 through 4.2.4, 4.1.1 through 4.1.8, 4.0.0 through 4.0.2, 3.3.0 through 3.3.2, 3.2.1 through 3.2.3, 5.3 all versions may allow an unauthenticated and remote attacker to retrieve\u00a0arbitrary files from the underlying filesystem via specially crafted web requests",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2022-23447"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-23447"
          }
        ],
        "trust": 0.99
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2022-23447",
            "trust": 1.7
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202307-793",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-23447",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2022-23447"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-23447"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202307-793"
          }
        ]
      },
      "id": "VAR-202307-1027",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.75
      },
      "last_update_date": "2023-12-18T13:11:17.319000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Fortinet FortiExtender Repair measures for path traversal vulnerabilities",
            "trust": 0.6,
            "url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=246954"
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202307-793"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-22",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2022-23447"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "https://fortiguard.com/psirt/fg-ir-22-039"
          },
          {
            "trust": 0.6,
            "url": "https://cxsecurity.com/cveshow/cve-2022-23447/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2022-23447"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-23447"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202307-793"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULMON",
            "id": "CVE-2022-23447"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-23447"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202307-793"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2023-07-11T00:00:00",
            "db": "VULMON",
            "id": "CVE-2022-23447"
          },
          {
            "date": "2023-07-11T17:15:10.383000",
            "db": "NVD",
            "id": "CVE-2022-23447"
          },
          {
            "date": "2023-07-11T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202307-793"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2023-07-12T00:00:00",
            "db": "VULMON",
            "id": "CVE-2022-23447"
          },
          {
            "date": "2023-11-07T03:44:09.007000",
            "db": "NVD",
            "id": "CVE-2022-23447"
          },
          {
            "date": "2023-07-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202307-793"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202307-793"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Fortinet FortiExtender Path traversal vulnerability",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202307-793"
          }
        ],
        "trust": 0.6
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "path traversal",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202307-793"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202202-1222

    Vulnerability from variot - Updated: 2023-12-18 13:00

    A improper neutralization of special elements used in a command ('command injection') in Fortinet FortiExtender version 7.0.1 and below, 4.2.3 and below, 4.1.7 and below allows an authenticated attacker to execute privileged shell commands via CLI commands including special characters. Fortinet FortiExtender for, OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Fortinet FortiExtender is a wireless WAN (Wide Area Network) extender device from Fortinet

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202202-1222",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "fortiextender",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "4.1.1"
          },
          {
            "model": "fortiextender",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "7.0.2"
          },
          {
            "model": "fortiextender",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "7.0.0"
          },
          {
            "model": "fortiextender",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "4.1.8"
          },
          {
            "model": "fortiextender",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "4.2.0"
          },
          {
            "model": "fortiextender",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "4.2.4"
          },
          {
            "model": "fortiextender",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "\u30d5\u30a9\u30fc\u30c6\u30a3\u30cd\u30c3\u30c8",
            "version": "fortiextender  firmware  7.0.1  and earlier"
          },
          {
            "model": "fortiextender",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "\u30d5\u30a9\u30fc\u30c6\u30a3\u30cd\u30c3\u30c8",
            "version": null
          },
          {
            "model": "fortiextender",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "\u30d5\u30a9\u30fc\u30c6\u30a3\u30cd\u30c3\u30c8",
            "version": "fortiextender  firmware  4.1.7  and earlier"
          },
          {
            "model": "fortiextender",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "\u30d5\u30a9\u30fc\u30c6\u30a3\u30cd\u30c3\u30c8",
            "version": "fortiextender  firmware  4.2.3  and earlier"
          },
          {
            "model": "fortiextender",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "fortinet",
            "version": "\u003c=7.0.1"
          },
          {
            "model": "fortiextender",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "fortinet",
            "version": "\u003c=4.2.3"
          },
          {
            "model": "fortiextender",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "fortinet",
            "version": "\u003c=4.1.7"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2022-19071"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004779"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-41016"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:fortinet:fortiextender_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndExcluding": "4.1.8",
                        "versionStartIncluding": "4.1.1",
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:fortinet:fortiextender_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndExcluding": "4.2.4",
                        "versionStartIncluding": "4.2.0",
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:fortinet:fortiextender_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndExcluding": "7.0.2",
                        "versionStartIncluding": "7.0.0",
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:fortinet:fortiextender:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-41016"
          }
        ]
      },
      "cve": "CVE-2021-41016",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "NVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 9.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "CVE-2021-41016",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CNVD-2022-19071",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "psirt@fortinet.com",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2021-41016",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2021-41016",
                "trust": 1.8,
                "value": "HIGH"
              },
              {
                "author": "psirt@fortinet.com",
                "id": "CVE-2021-41016",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2022-19071",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202202-126",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2022-19071"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004779"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-41016"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-41016"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-126"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A improper neutralization of special elements used in a command (\u0027command injection\u0027) in Fortinet FortiExtender version 7.0.1 and below, 4.2.3 and below, 4.1.7 and below allows an authenticated attacker to execute privileged shell commands via CLI commands including special characters. Fortinet FortiExtender for, OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Fortinet FortiExtender is a wireless WAN (Wide Area Network) extender device from Fortinet",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-41016"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004779"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2022-19071"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2021-41016",
            "trust": 3.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004779",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2022-19071",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-126",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2022-19071"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004779"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-41016"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-126"
          }
        ]
      },
      "id": "VAR-202202-1222",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2022-19071"
          }
        ],
        "trust": 1.35
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2022-19071"
          }
        ]
      },
      "last_update_date": "2023-12-18T13:00:57.435000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "FG-IR-21-148",
            "trust": 0.8,
            "url": "https://www.fortiguard.com/psirt/fg-ir-21-148"
          },
          {
            "title": "Patch for Fortinet FortiExtender Command Injection Vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/325276"
          },
          {
            "title": "Fortinet FortiExtender Fixes for command injection vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=180908"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2022-19071"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004779"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-126"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-78",
            "trust": 1.0
          },
          {
            "problemtype": "OS Command injection (CWE-78) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004779"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-41016"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.2,
            "url": "https://fortiguard.com/advisory/fg-ir-21-148"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-41016"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2022-19071"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004779"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-41016"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-126"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2022-19071"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004779"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-41016"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-126"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-03-14T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2022-19071"
          },
          {
            "date": "2023-05-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-004779"
          },
          {
            "date": "2022-02-02T11:15:07.777000",
            "db": "NVD",
            "id": "CVE-2021-41016"
          },
          {
            "date": "2022-02-02T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202202-126"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-03-14T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2022-19071"
          },
          {
            "date": "2023-05-01T08:38:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-004779"
          },
          {
            "date": "2022-07-12T17:42:04.277000",
            "db": "NVD",
            "id": "CVE-2021-41016"
          },
          {
            "date": "2022-07-14T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202202-126"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-126"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Fortinet\u00a0FortiExtender\u00a0 In \u00a0OS\u00a0 Command injection vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004779"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "operating system commend injection",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-126"
          }
        ],
        "trust": 0.6
      }
    }