Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortiwlc vulnerabilities and exploits
(subscribe to this query)
890
VMScore
CVE-2017-17539
The presence of a hardcoded account in Fortinet FortiWLC 7.0.11 and previous versions allows malicious users to gain unauthorized read/write access via a remote shell.
Fortinet Fortiwlc
890
VMScore
CVE-2017-17540
The presence of a hardcoded account in Fortinet FortiWLC 8.3.3 allows malicious users to gain unauthorized read/write access via a remote shell.
Fortinet Fortiwlc
890
VMScore
CVE-2016-7560
The rsyncd server in Fortinet FortiWLC 6.1-2-29 and previous versions, 7.0-9-1, 7.0-10-0, 8.0-5-0, 8.1-2-0, and 8.2-4-0 has a hardcoded rsync account, which allows remote malicious users to read or write to arbitrary files via unspecified vectors.
Fortinet Fortiwlc 7.0-9-1
Fortinet Fortiwlc 7.0-10-0
Fortinet Fortiwlc 8.0-5-0
Fortinet Fortiwlc 8.1-2-0
Fortinet Fortiwlc
Fortinet Fortiwlc 8.2-4-0
837
VMScore
CVE-2016-8491
The presence of a hardcoded account named 'core' in Fortinet FortiWLC allows malicious users to gain unauthorized read/write access via a remote shell.
Fortinet Fortiwlc 8.2-4-0
Fortinet Fortiwlc 7.0-9-1
Fortinet Fortiwlc 7.0-10-0
Fortinet Fortiwlc 8.1-2-0
Fortinet Fortiwlc 8.1-3-2
801
VMScore
CVE-2021-42758
An improper access control vulnerability [CWE-284] in FortiWLC 8.6.1 and below may allow an authenticated and remote attacker with low privileges to execute any command as an admin user with full access rights via bypassing the GUI restrictions.
Fortinet Fortiwlc 8.0.5
Fortinet Fortiwlc 8.0.6
Fortinet Fortiwlc 8.1.2
Fortinet Fortiwlc 8.1.3
Fortinet Fortiwlc
Fortinet Fortiwlc 8.4.0
Fortinet Fortiwlc 8.4.1
Fortinet Fortiwlc 8.4.2
Fortinet Fortiwlc 8.4.4
Fortinet Fortiwlc 8.4.5
Fortinet Fortiwlc 8.4.6
Fortinet Fortiwlc 8.4.7
Fortinet Fortiwlc 8.4.8
Fortinet Fortiwlc 8.6.0
Fortinet Fortiwlc 8.6.1
801
VMScore
CVE-2017-7341
An OS Command Injection vulnerability in Fortinet FortiWLC 6.1-2 up to and including 6.1-5, 7.0-7 up to and including 7.0-10, 8.0 up to and including 8.2, and 8.3.0 up to and including 8.3.2 file management AP script download webUI page allows an authenticated admin user to execu...
Fortinet Fortiwlc
801
VMScore
CVE-2017-3134
An escalation of privilege vulnerability in Fortinet FortiWLC-SD versions 8.2.4 and below allows malicious user to gain root access via the CLI command 'copy running-config'.
Fortinet Fortiwlc-sd
356
VMScore
CVE-2016-7561
Fortinet FortiWLC 6.1-2-29 and previous versions, 7.0-9-1, 7.0-10-0, 8.0-5-0, 8.1-2-0, and 8.2-4-0 allow administrators to obtain sensitive user credentials by reading the pam.log file.
Fortinet Fortiwlc 8.2-4-0
Fortinet Fortiwlc
Fortinet Fortiwlc 7.0-9-1
Fortinet Fortiwlc 8.0-5-0
Fortinet Fortiwlc 7.0-10-0
Fortinet Fortiwlc 8.1-2-0
312
VMScore
CVE-2020-9288
An improper neutralization of input vulnerability in FortiWLC 8.5.1 allows a remote authenticated malicious user to perform a stored cross site scripting attack (XSS) via the ESS profile or the Radius Profile.
Fortinet Fortiwlc
312
VMScore
CVE-2017-7335
A Cross-Site Scripting (XSS) vulnerability in Fortinet FortiWLC 6.1-x (6.1-2, 6.1-4 and 6.1-5); 7.0-x (7.0-7, 7.0-8, 7.0-9, 7.0-10); and 8.x (8.0, 8.1, 8.2 and 8.3.0-8.3.2) allows an authenticated user to inject arbitrary web script or HTML via non-sanitized parameters "refr...
Fortinet Fortiwlc 6.1-2
Fortinet Fortiwlc 6.1-4
Fortinet Fortiwlc 6.1-5
Fortinet Fortiwlc 7.0-7
Fortinet Fortiwlc 8.1
Fortinet Fortiwlc 8.2
Fortinet Fortiwlc 8.3.0
Fortinet Fortiwlc 8.3.1
Fortinet Fortiwlc 8.3.2
Fortinet Fortiwlc 7.0-8
Fortinet Fortiwlc 7.0-10
Fortinet Fortiwlc 7.0-9
Fortinet Fortiwlc 8.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started