Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8
CVE-2021-36185
- EPSS 2.48%
- Published 02.11.2021 19:15:07
- Last modified 21.11.2024 06:13:16
A improper neutralization of special elements used in an OS command ('OS Command Injection') in Fortinet FortiWLM version 8.6.1 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests.
6.5
CVE-2021-36184
- EPSS 0.42%
- Published 02.11.2021 19:15:07
- Last modified 21.11.2024 06:13:16
A improper neutralization of Special Elements used in an SQL Command ('SQL Injection') in Fortinet FortiWLM version 8.6.1 and below allows attacker to disclosure device, users and database information via crafted HTTP requests.
9.8
CVE-2017-7336
- EPSS 0.94%
- Published 22.07.2017 21:29:00
- Last modified 20.04.2025 01:37:25
A hard-coded account named 'upgrade' in Fortinet FortiWLM 8.3.0 and lower versions allows a remote attacker to log-in and execute commands with 'upgrade' account privileges.