Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortiwlc vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2017-17539
The presence of a hardcoded account in Fortinet FortiWLC 7.0.11 and previous versions allows malicious users to gain unauthorized read/write access via a remote shell.
Fortinet Fortiwlc
10
CVSSv2
CVE-2017-17540
The presence of a hardcoded account in Fortinet FortiWLC 8.3.3 allows malicious users to gain unauthorized read/write access via a remote shell.
Fortinet Fortiwlc
10
CVSSv2
CVE-2016-7560
The rsyncd server in Fortinet FortiWLC 6.1-2-29 and previous versions, 7.0-9-1, 7.0-10-0, 8.0-5-0, 8.1-2-0, and 8.2-4-0 has a hardcoded rsync account, which allows remote malicious users to read or write to arbitrary files via unspecified vectors.
Fortinet Fortiwlc 7.0-9-1
Fortinet Fortiwlc 7.0-10-0
Fortinet Fortiwlc 8.0-5-0
Fortinet Fortiwlc 8.1-2-0
Fortinet Fortiwlc
Fortinet Fortiwlc 8.2-4-0
9.4
CVSSv2
CVE-2016-8491
The presence of a hardcoded account named 'core' in Fortinet FortiWLC allows malicious users to gain unauthorized read/write access via a remote shell.
Fortinet Fortiwlc 8.2-4-0
Fortinet Fortiwlc 7.0-9-1
Fortinet Fortiwlc 7.0-10-0
Fortinet Fortiwlc 8.1-2-0
Fortinet Fortiwlc 8.1-3-2
9
CVSSv2
CVE-2021-42758
An improper access control vulnerability [CWE-284] in FortiWLC 8.6.1 and below may allow an authenticated and remote attacker with low privileges to execute any command as an admin user with full access rights via bypassing the GUI restrictions.
Fortinet Fortiwlc 8.0.5
Fortinet Fortiwlc 8.0.6
Fortinet Fortiwlc 8.1.2
Fortinet Fortiwlc 8.1.3
Fortinet Fortiwlc
Fortinet Fortiwlc 8.4.0
Fortinet Fortiwlc 8.4.1
Fortinet Fortiwlc 8.4.2
Fortinet Fortiwlc 8.4.4
Fortinet Fortiwlc 8.4.5
Fortinet Fortiwlc 8.4.6
Fortinet Fortiwlc 8.4.7
Fortinet Fortiwlc 8.4.8
Fortinet Fortiwlc 8.6.0
Fortinet Fortiwlc 8.6.1
9
CVSSv2
CVE-2017-7341
An OS Command Injection vulnerability in Fortinet FortiWLC 6.1-2 up to and including 6.1-5, 7.0-7 up to and including 7.0-10, 8.0 up to and including 8.2, and 8.3.0 up to and including 8.3.2 file management AP script download webUI page allows an authenticated admin user to execu...
Fortinet Fortiwlc
9
CVSSv2
CVE-2017-3134
An escalation of privilege vulnerability in Fortinet FortiWLC-SD versions 8.2.4 and below allows malicious user to gain root access via the CLI command 'copy running-config'.
Fortinet Fortiwlc-sd
4
CVSSv2
CVE-2016-7561
Fortinet FortiWLC 6.1-2-29 and previous versions, 7.0-9-1, 7.0-10-0, 8.0-5-0, 8.1-2-0, and 8.2-4-0 allow administrators to obtain sensitive user credentials by reading the pam.log file.
Fortinet Fortiwlc 8.2-4-0
Fortinet Fortiwlc
Fortinet Fortiwlc 7.0-9-1
Fortinet Fortiwlc 8.0-5-0
Fortinet Fortiwlc 7.0-10-0
Fortinet Fortiwlc 8.1-2-0
3.5
CVSSv2
CVE-2020-9288
An improper neutralization of input vulnerability in FortiWLC 8.5.1 allows a remote authenticated malicious user to perform a stored cross site scripting attack (XSS) via the ESS profile or the Radius Profile.
Fortinet Fortiwlc
3.5
CVSSv2
CVE-2017-7335
A Cross-Site Scripting (XSS) vulnerability in Fortinet FortiWLC 6.1-x (6.1-2, 6.1-4 and 6.1-5); 7.0-x (7.0-7, 7.0-8, 7.0-9, 7.0-10); and 8.x (8.0, 8.1, 8.2 and 8.3.0-8.3.2) allows an authenticated user to inject arbitrary web script or HTML via non-sanitized parameters "refr...
Fortinet Fortiwlc 6.1-2
Fortinet Fortiwlc 6.1-4
Fortinet Fortiwlc 6.1-5
Fortinet Fortiwlc 7.0-7
Fortinet Fortiwlc 8.1
Fortinet Fortiwlc 8.2
Fortinet Fortiwlc 8.3.0
Fortinet Fortiwlc 8.3.1
Fortinet Fortiwlc 8.3.2
Fortinet Fortiwlc 7.0-8
Fortinet Fortiwlc 7.0-10
Fortinet Fortiwlc 7.0-9
Fortinet Fortiwlc 8.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started