CVE-2017-7336
CVE-2017-7336
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 2.5%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
22 Jul 2017Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A hard-coded account named 'upgrade' in Fortinet FortiWLM 8.3.0 and lower versions allows a remote attacker to log-in and execute commands with 'upgrade' account privileges.
Affected products
Fortinet, Inc. · Fortinet FortiWLM