A cross-site request forgery (CSRF) in Fortinet FortiVoiceEnterprise version 6.4.x, 6.0.x, FortiSwitch version 7.0.0 up to and including 7.0.4, 6.4.0 up to and including 6.4.10, 6.2.0 up to and including 6.2.7, 6.0.x, FortiMail version 7.0.0 up to and including 7.0.3, 6.4.0 up to and including 6.4.6, 6.2.x, 6.0.x FortiRecorder version 6.4.0 up to and including 6.4.2, 6.0.x, 2.7.x, 2.6.x, FortiNDR version 1.x.x allows a remote unauthenticated malicious user to execute commands on the CLI via tricking an authenticated administrator to execute malicious GET requests.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fortinet fortiswitch |
||
fortinet fortimail |
||
fortinet fortirecorder |
||
fortinet fortiai 1.5.3 |
||
fortinet fortiai 1.1.0 |
||
fortinet fortindr 7.1.0 |
||
fortinet fortindr |
||
fortinet fortivoice |