CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-7341

An OS Command Injection vulnerability in Fortinet FortiWLC 6.1-2 through 6.1-5, 7.0-7 through 7.0-10, 8.0 through 8.2, and 8.3.0 through 8.3.2 file management AP script download webUI page allows an authenticated admin user to execute arbitrary system console commands via crafted HTTP requests.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.025

EPSS Ranking 84.6%

CVSS Severity

CVSS v3 Score 7.2

CVSS v2 Score 9.0

References

Products affected by CVE-2017-7341

Fortinet » Fortiwlc » Version: 6.1-2-29

cpe:2.3:a:fortinet:fortiwlc:6.1-2-29
Fortinet » Fortiwlc » Version: 7.0-9-1

cpe:2.3:a:fortinet:fortiwlc:7.0-9-1
Fortinet » Fortiwlc » Version: 8.0-5-0

cpe:2.3:a:fortinet:fortiwlc:8.0-5-0
Fortinet » Fortiwlc » Version: 8.0-6-0

cpe:2.3:a:fortinet:fortiwlc:8.0-6-0
Fortinet » Fortiwlc » Version: 8.0.5

cpe:2.3:a:fortinet:fortiwlc:8.0.5
Fortinet » Fortiwlc » Version: 8.0.6

cpe:2.3:a:fortinet:fortiwlc:8.0.6
Fortinet » Fortiwlc » Version: 8.1-2-0

cpe:2.3:a:fortinet:fortiwlc:8.1-2-0
Fortinet » Fortiwlc » Version: 8.1-3-0

cpe:2.3:a:fortinet:fortiwlc:8.1-3-0
Fortinet » Fortiwlc » Version: 8.1-3-2

cpe:2.3:a:fortinet:fortiwlc:8.1-3-2
Fortinet » Fortiwlc » Version: 8.1.0

cpe:2.3:a:fortinet:fortiwlc:8.1.0
Fortinet » Fortiwlc » Version: 8.1.2

cpe:2.3:a:fortinet:fortiwlc:8.1.2
Fortinet » Fortiwlc » Version: 8.1.3

cpe:2.3:a:fortinet:fortiwlc:8.1.3
Fortinet » Fortiwlc » Version: 8.3.0

cpe:2.3:a:fortinet:fortiwlc:8.3.0
Fortinet » Fortiwlc » Version: 8.3.1

cpe:2.3:a:fortinet:fortiwlc:8.3.1
Fortinet » Fortiwlc » Version: 8.3.2

cpe:2.3:a:fortinet:fortiwlc:8.3.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-7341

Products

Pricing

Contact Us