CVE-2026-25689 - CERT CVE

  1. CVE-2026-25689

ID CVE-2026-25689
Sažetak An improper neutralization of argument delimiters in a command ('argument injection') vulnerability in Fortinet FortiDeceptor 6.2.0, FortiDeceptor 6.0 all versions, FortiDeceptor 5.3 all versions, FortiDeceptor 5.2 all versions, FortiDeceptor 5.1 all versions, FortiDeceptor 5.0 all versions, FortiDeceptor 4.3 all versions, FortiDeceptor 4.2 all versions, FortiDeceptor 4.1 all versions, FortiDeceptor 4.0 all versions may allow a privileged attacker with super-admin profile and CLI access to delete sensitive files via crafted HTTP requests.
Reference
CVSS
Base: 6.5
Impact: 5.2
Exploitability:1.2
Pristup
VektorSloženostAutentikacija
NETWORK LOW HIGH
Impact
PovjerljivostCjelovitostDostupnost
NONE HIGH HIGH
CVSS vektor CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
Zadnje važnije ažuriranje 13-03-2026 - 19:08
Objavljeno 10-03-2026 - 18:18