PT-2021-7565 · Fortinet · FortiWLC
Published 2021-12-07 · Updated 2021-12-10 · CVE-2021-42758
CVSS v2.0: 9.0 (High)
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
FortiWLC versions 8.6.1 and below
Description
The issue is an improper access control in the FortiWLC web GUI. The description indicates that administrative commands are withheld from low-privilege accounts only by the GUI itself: an authenticated remote attacker with low privileges can bypass those GUI restrictions, submit the commands directly, and have them executed as an admin user with full access rights. The outcome is privilege escalation from any authenticated GUI account to full administrative control of the controller.
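The pattern described above (a restriction enforced by the GUI that the backend does not re-check) is shown here as an added example. This is illustrative code written for this page, not FortiWLC code; the role names, the command catalogue and the handler functions are all constructed assumptions. It contrasts a handler that trusts the GUI's menu filtering with one that enforces authorization per request on the server side.

```python
# Added example (not FortiWLC code): the access-control pattern behind
# "bypassing GUI restrictions". Role names, command names and the policy
# table below are constructed for illustration.
from dataclasses import dataclass


@dataclass(frozen=True)
class Session:
    """An authenticated session. Role names are hypothetical."""
    username: str
    role: str  # "admin" or "operator"


# Hypothetical command catalogue: which roles the design intends to allow.
COMMAND_POLICY = {
    "show-status": {"admin", "operator"},
    "reload-controller": {"admin"},
    "add-admin-user": {"admin"},
}


def gui_menu(session):
    """What the web GUI renders for this session: admin-only entries are
    hidden. Hiding a menu item is a usability feature, not an access
    control, because the client decides what it sends."""
    return sorted(cmd for cmd, roles in COMMAND_POLICY.items()
                  if session.role in roles)


def handle_vulnerable(session, command):
    """Backend handler that assumes only the GUI can reach it and trusts
    that the menu filtering already happened. Any authenticated session that
    submits the request directly (curl, proxy replay) gets the command run
    with the backend's own admin rights."""
    if command not in COMMAND_POLICY:
        raise KeyError(f"unknown command {command!r}")
    return {"ran": command, "as": "admin", "requested_by": session.username}


def handle_fixed(session, command):
    """Same handler with authorization enforced server-side on every
    request, against the session's real role. The GUI filter is now
    cosmetic and bypassing it gains nothing."""
    allowed = COMMAND_POLICY.get(command)
    if allowed is None:
        raise KeyError(f"unknown command {command!r}")
    if session.role not in allowed:
        raise PermissionError(
            f"{session.username} ({session.role}) may not run {command}")
    return {"ran": command, "as": session.role,
            "requested_by": session.username}


def forged_request(session, command, handler):
    """Model the attack: the client skips the GUI and posts the command
    directly. Returns ("ok", result) or ("denied", message)."""
    try:
        return ("ok", handler(session, command))
    except PermissionError as exc:
        return ("denied", str(exc))


def demo():
    """Run a low-privilege session against both handlers; returns a summary
    of what the GUI showed and what each backend actually did."""
    operator = Session("lowpriv", "operator")
    visible = gui_menu(operator)  # only 'show-status' is rendered
    vuln = forged_request(operator, "add-admin-user", handle_vulnerable)
    fixed = forged_request(operator, "add-admin-user", handle_fixed)
    return {"menu": visible, "vulnerable": vuln[0], "fixed": fixed[0]}


if __name__ == "__main__":
    print(demo())
```

The point of the contrast is that `gui_menu` and `handle_vulnerable` agree on policy only by convention; nothing stops a client from calling the handler with a command the menu never offered. `handle_fixed` consults the same policy table at the moment of execution, so the decision is made where the privilege is actually used.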
Recommendations
Because any authenticated GUI account can exploit this, treat every FortiWLC GUI account on versions 8.6.1 and below as potentially administrative until the controller is patched. Restrict access to the management GUI to trusted administrative hosts or networks (firewall rules or a dedicated management VLAN) rather than exposing it to general users or the internet. Reduce the number of accounts that can log in to the GUI at all: limiting what a low-privilege user may do inside the GUI does not help, since the bypass consists of submitting admin commands directly without going through the GUI. Review audit and command logs for administrative actions attributed to non-admin accounts. At the time of writing, no fixed FortiWLC version is recorded here; check Fortinet's PSIRT advisory for CVE-2021-42758 before relying on mitigation alone.
Improper Access Control (CWE-284)
Incorrect Authorization (CWE-863)
Related Identifiers
CVE-2021-42758
Affected Products
FortiWLC