Fortinet: >> Fortiwan >> 4.2.4 Security Vulnerabilities
The diagnosis_control.php page in Fortinet FortiWan (formerly AscernLink) before 4.2.5 allows remote authenticated users to download PCAP files via vectors related to the UserName GET parameter.
CVSS Score
6.5
EPSS Score
0.023
Published
2016-09-21
Fortinet FortiWan (formerly AscernLink) before 4.2.5 allows remote authenticated users with access to the nslookup functionality to execute arbitrary commands with root privileges via the graph parameter to diagnosis_control.php.
CVSS Score
8.8
EPSS Score
0.077
Published
2016-09-21
Page 2