- FortiNAC version 9.4.0
- FortiNAC version 9.2.0 through 9.2.5
- FortiNAC version 9.1.0 through 9.1.7
- FortiNAC 8.8 all versions
- FortiNAC 8.7 all versions
- FortiNAC 8.6 all versions
- FortiNAC 8.5 all versions
- FortiNAC 8.3 all versions
- FortiWeb versions 6.4 all versions
- FortiWeb versions 6.3.16 and below
- FortiWeb versions 6.2.6 and below
- FortiWeb versions 6.1.2 and below
- FortiWeb versions 6.0.7 and below
- FortiWeb versions 5.x all versions
Multiple products of Fortinet were found to be vulnerable. This vulnerability can be exploited by a remote attacker to perform security restriction bypass, denial of service, information disclosure, cross-site scripting, and elevation of privilege on the targeted system.
Fortinet has identified two vulnerabilities in FortiNAC and FortiWeb products which could allow unauthenticated attackers to perform arbitrary code or command execution. The first vulnerability impacting FortiNAC, is tracked as CVE-2022-39952, where an external control of file name or path vulnerability [CWE-73] in FortiNAC webserver may allow an unauthenticated attacker to perform arbitrary write on the system. The second vulnerability that impacts FortiWeb is CVE-2021-42756, multiple stack-based buffer overflow vulnerabilities [CWE-121] in FortiWeb's proxy daemon may allow an unauthenticated remote attacker to achieve arbitrary code execution via specifically crafted HTTP requests.
- Security Restriction Bypass
- Denial of Service
- Information Disclosure
- Cross-Site Scripting
- Elevation of Privilege
To fix the issues users are advised to follow the vendor’s recommendation by updating to the latest version of the Fortinet products.
The information provided herein is on an "as is" basis, without warranty of any kind.