CVE-2021-26102
CVSS V2 None
CVSS V3 None
Description
A relative path traversal vulnerability (CWE-23) in FortiWAN version 4.5.7 and below, 4.4 all versions may allow a remote non-authenticated attacker to delete files on the system by sending a crafted POST request. In particular, deleting specific configuration files will reset the Admin password to its default value.
Overview
- CVE ID
- CVE-2021-26102
- Assigner
- fortinet
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-12-19T13:56:38.177Z
- Last Modified Date
- 2024-12-19T15:17:08.639Z
Weakness Enumerations
References
Reference URL | Reference Tags |
---|---|
https://fortiguard.fortinet.com/psirt/FG-IR-21-048 |
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2021-26102 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26102 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2024-12-20 12:03:47 | Added to TrackCVE |