CVE-2025-53680
MediumCVSS 6.7Exploitation Probability (EPSS)
Low risk43th percentile - higher than 43% of all known CVEs
Summary
An OS Command Injection vulnerability in Fortinet FortiAP allows an authenticated privileged attacker to execute unauthorized code or commands via crafted CLI requests.
Risk Assessment
An attacker could take control of the FortiAP device, potentially leading to network integrity compromise, data leakage, or further attacks on the infrastructure.
Recommendation
Immediately update FortiAP to a patched version and restrict CLI access to trusted administrators only.
Original NVD description (English source)
An improper neutralization of special elements used in an OS command ("OS Command Injection") vulnerability [CWE-78] vulnerability in Fortinet FortiAP 7.6.0 through 7.6.2, FortiAP 7.4.0 through 7.4.5, FortiAP 7.2 all versions, FortiAP 7.0 all versions, FortiAP 6.4 all versions, FortiAP-U 7.0.0 through 7.0.5, FortiAP-U 6.2 all versions, FortiAP-W2 7.4.0 through 7.4.4, FortiAP-W2 7.2 all versions, FortiAP-W2 7.0 all versions allows an authenticated privileged attacker to execute unauthorized code or commands via crafted CLI requests.

