PT-2020-6668 · Fortinet · Fortiap-S/W2+1

Published: 2020-05-25 · Updated: 2020-06-03 · CVE-2019-15709

CVSS v2.0: 8.5 (High)
Vector: AV:N/AC:L/Au:S/C:N/I:C/A:C
Name of the Vulnerable Software and Affected Versions
FortiAP-S/W2 versions 6.0.5 and below, 6.2.0 through 6.2.2; FortiAP-U version 6.0.1 and below

Description
The issue arises from insufficient input validation in the CLI admin console of Fortinet FortiAP-S/W2 and FortiAP, allowing a remote attacker to overwrite system files using specially crafted tcpdump commands in the CLI.

Recommendations
For FortiAP-S/W2 versions 6.0.5 and below, update to a version above 6.0.5 to resolve the issue. For FortiAP-S/W2 versions 6.2.0 through 6.2.2, update to a version above 6.2.2 to resolve the issue. For FortiAP-U version 6.0.1 and below, update to a version above 6.0.1 to resolve the issue. As a temporary workaround, consider restricting access to the CLI admin console to minimize the risk of exploitation.

Fix

RCE

Weakness Enumeration

Related Identifiers

BDU:2022-03303
CVE-2019-15709

Affected Products

Fortiap-S/W2
Fortiap-U