PT-2026-40110 · Fortinet · Fortiap-W2+1

Published 2026-05-12 · Updated 2026-05-15

CVE-2025-53870

CVSS v2.0: 6.8 (Medium)

Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

FortiAP versions 7.6.0 through 7.6.2
FortiAP versions 7.4.0 through 7.4.5
FortiAP version 7.2
FortiAP version 7.0
FortiAP version 6.4
FortiAP-W2 versions 7.4.0 through 7.4.4
FortiAP-W2 version 7.2
FortiAP-W2 version 7.0

Description

An OS command injection issue exists in the command line interface (CLI) of the firmware: special elements used in operating system commands are not properly neutralized. This allows an authenticated attacker to execute unauthorized code or arbitrary commands via a specially crafted CLI command. OS command injection is a flaw that allows an attacker to execute arbitrary operating system commands on the server running an application.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

OS Command Injection

Weakness Enumeration

Related Identifiers

BDU:2026-06793
CVE-2025-53870

Affected Products

Fortiap
Fortiap-W2