How severe is CVE-2021-26102?

CVE-2021-26102 has a CVSS v3 score of 9.8 (CRITICAL).

CVE-2021-26102

Name: fortiwan
Author: fortinet

9.8CRITICAL

A relative path traversal vulnerability (CWE-23) in FortiWAN version 4.5.7 and below, 4.4 all versions may allow a remote non-authenticated attacker to delete files on the system by sending a crafted

Published: 12/19/2024Updated: 1/21/2025

Description

A relative path traversal vulnerability (CWE-23) in FortiWAN version 4.5.7 and below, 4.4 all versions may allow a remote non-authenticated attacker to delete files on the system by sending a crafted POST request. In particular, deleting specific configuration files will reset the Admin password to its default value.

AI AnalysisPowered by AI

Affected Products

fortinetfortiwan

References

https://fortiguard.fortinet.com/psirt/FG-IR-21-048
Vendor Advisory