CVE-2016-4965
high
CVSS v3
8.8
CVSS v2
9.0
VIR risk
8.8
Description
Fortinet FortiWan (formerly AscernLink) before 4.2.5 allows remote authenticated users with access to the nslookup functionality to execute arbitrary commands with root privileges via the graph parameter to diagnosis_control.php.
Predictions
Exploit likelihood
92%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: cve@mitre.org — http://fortiguard.com/advisory/fortiwan-multiple-vulnerabilities
Vendor advisory: cve@mitre.org — http://docs.fortinet.com/uploaded/files/3236/fortiwan-v4.2.5-release-notes.pdf
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| fortinet | fortiwan | {"endIncluding":"4.2.4"} | |
References
- http://docs.fortinet.com/uploaded/files/3236/fortiwan-v4.2.5-release-notes.pdf
- http://fortiguard.com/advisory/fortiwan-multiple-vulnerabilities
- http://www.securityfocus.com/bid/92779
- https://www.kb.cert.org/vuls/id/724487
- http://docs.fortinet.com/uploaded/files/3236/fortiwan-v4.2.5-release-notes.pdf
- http://fortiguard.com/advisory/fortiwan-multiple-vulnerabilities
- http://www.securityfocus.com/bid/92779
- https://www.kb.cert.org/vuls/id/724487
CWEs
CWE-78
Verify integrity in audit chain (admin only). AS-IS.