#VU52680 Improper Authentication in FortiWAN - CVE-2021-26102
Published: April 28, 2021 / Updated: December 9, 2021
Vulnerability identifier: #VU52680
Vulnerability risk: High
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Amber
CVE-ID: CVE-2021-26102
CWE-ID: CWE-287
Exploitation vector: Remote access
Exploit availability:
Public exploit is available
Vulnerable software:
FortiWAN
FortiWAN
Software vendor:
Fortinet, Inc
Fortinet, Inc
Description
The vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to an error in the authentication process. A remote non-authenticated attacker can send a specially crafted HTTP POST request and delete arbitrary files on the system using directory traversal sequences. In particular, deleting specific configuration files will reset the Admin password to its default value.
Successful exploitation of the vulnerability may allow an attacker to gain full access to the affected system.
Remediation
Install updates from vendor's website.