Vulnerabilities > Fortinet > Fortiwlc > 8.4.7

DATE CVE VULNERABILITY TITLE RISK
2024-12-19 CVE-2021-26093 Access of Uninitialized Pointer vulnerability in Fortinet Fortiwlc
An access of uninitialized pointer (CWE-824) vulnerability in FortiWLC versions 8.6.0, 8.5.3 and earlier may allow a local and authenticated attacker to crash the access point being managed by the controller by executing a crafted CLI command.
local
low complexity
fortinet CWE-824
6.5
2021-12-08 CVE-2021-42758 Incorrect Authorization vulnerability in Fortinet Fortiwlc
An improper access control vulnerability [CWE-284] in FortiWLC 8.6.1 and below may allow an authenticated and remote attacker with low privileges to execute any command as an admin user with full access rights via bypassing the GUI restrictions.
network
low complexity
fortinet CWE-863
8.8
2020-06-22 CVE-2020-9288 Cross-site Scripting vulnerability in Fortinet Fortiwlc
An improper neutralization of input vulnerability in FortiWLC 8.5.1 allows a remote authenticated attacker to perform a stored cross site scripting attack (XSS) via the ESS profile or the Radius Profile.
network
low complexity
fortinet CWE-79
5.4