CVE-2021-32594
CVE-2021-32594
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 5.4EPSS 0.7%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
04 Aug 2021Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
An unrestricted file upload vulnerability in the web interface of FortiPortal 6.0.0 through 6.0.4, 5.3.0 through 5.3.5, 5.2.0 through 5.2.5, and 4.2.2 and earlier may allow a low-privileged user to potentially tamper with the underlying system's files via the upload of specifically crafted files.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:P/RL:U/RC:C
Affected products
Fortinet · Fortinet FortiPortalWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →