CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2016-8494

Insufficient verification of uploaded files allows attackers with webui administrators privileges to perform arbitrary code execution by uploading a new webui theme.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.011

EPSS Ranking 77.6%

CVSS Severity

CVSS v3 Score 7.2

CVSS v2 Score 6.5

References

http://www.securityfocus.com/bid/96159
https://fortiguard.com/advisory/FG-IR-16-080
http://www.securityfocus.com/bid/96159
https://fortiguard.com/advisory/FG-IR-16-080

Products affected by CVE-2016-8494

Fortinet » Connect » Version: 14.10

cpe:2.3:a:fortinet:connect:14.10
Fortinet » Connect » Version: 14.2

cpe:2.3:a:fortinet:connect:14.2
Fortinet » Connect » Version: 15.10

cpe:2.3:a:fortinet:connect:15.10
Fortinet » Connect » Version: 16.7

cpe:2.3:a:fortinet:connect:16.7

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-8494

Products

Pricing

Contact Us