Improper Access Control Vulnerability in FortiWLC 8.6.1 and Below

Improper Access Control Vulnerability in FortiWLC 8.6.1 and Below

CVE-2021-42758 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

An improper access control vulnerability [CWE-284] in FortiWLC 8.6.1 and below may allow an authenticated and remote attacker with low privileges to execute any command as an admin user with full access rights via bypassing the GUI restrictions.

Learn more about our User Device Pen Test.