| IR Number | FG-IR-21-001 |
| Date | Jun 1, 2021 |
| Severity |
Medium |
| CVSSv3 Score | 6.9 |
| Impact | Remote code execution, Denial of Service |
| CVE ID | CVE-2021-26094 |
| Affected Products |
FortiWLC
:
8.6.0, 8.5.3, 8.5.2, 8.5.1, 8.5.0, 8.4.8, 8.4.7, 8.4.6, 8.4.5, 8.4.4, 8.4.2, 8.4.1, 8.4.0, 8.3.3, 8.3.2, 8.3.1, 8.3.0, 8.2.7, 8.2.6, 8.2.5, 8.2.4, 8.1.3, 8.1.2, 8.0.6, 8.0.5
|
| CVRF | Download |
Refine Search
PSIRT Advisories
FortiWLC - Multiple Buffer Overflow vulnerabilities
Summary
Multiple instances of stack-based buffer overflow vulnerability (CWE-121) in the command line interface of FortiWLC may allow a local, authenticated attacker to crash the access point being managed by the controller and potentially execute unauthorized code via a specifically crafted CLI command.
Affected Products
FortiWLC versions 8.6.0 and below. FortiWLC versions 8.5.3 and below.Solutions
Please upgrade to FortiWLC version 8.6.1 or above.
Please upgrade to FortiWLC version 8.5.4 or above.