CVE-2026-25690
Essential information
- Published
- 12/05/2026 18:16
- Modified
- 12/05/2026 18:57
- Author
- —
- Creator
- —
- CVSS
- 4.3 MEDIUM (v3.1)
- CISA KEV
- No
- CWE
- —
- CVSS vector
-
—
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N—
CVSS metrics
- Access vector
- —
- Access complexity
- —
- Authentication
- —
- Confidentiality impact
- —
- Integrity impact
- —
- Availability impact
- —
- Exploitability
- —
- Remediation level
- —
- Report confidence
- —
- Temporal score
- —
- Attack vector
- NETWORK
- Attack complexity
- LOW
- Privileges required
- LOW
- User interaction
- NONE
- Scope
- UNCHANGED
- Confidentiality impact
- LOW
- Integrity impact
- NONE
- Availability impact
- NONE
- Exploit code maturity
- —
- Remediation level
- —
- Report confidence
- —
- Temporal score
- —
- Attack vector
- —
- Attack complexity
- —
- Attack requirements
- —
- Privileges required
- —
- User interaction
- —
- Confidentiality (V)
- —
- Confidentiality (S)
- —
- Integrity (V)
- —
- Integrity (S)
- —
- Availability (V)
- —
- Availability (S)
- —
- Exploit maturity
- —
Description
An improper neutralization of argument delimiters in a command ('argument injection') vulnerability in Fortinet FortiDeceptor 6.0.0 through 6.0.2, FortiDeceptor 5.3.0 through 5.3.3, FortiDeceptor 5.2.0 through 5.2.1, FortiDeceptor 5.1 all versions, FortiDeceptor 5.0 all versions may allow an authenticated attacker with at least read-only admin permission to read log files via HTTP crafted requests.
NVD status
- Status
- Undergoing Analysis — CVE is currently being analyzed by NVD staff, this process results in association of reference link tags, CVSS scores, CWE association, and CPE applicability statements.
- Source
- [email protected]
- NVD
- View on NVD
Affected products (CPE)
| Product | CPE |
|---|---|
| fortinet / fortideceptor | cpe:2.3:a:fortinet:fortideceptor:6.0.0-6.0.2:*:*:*:*:*:*:* |
| fortinet / fortideceptor | cpe:2.3:a:fortinet:fortideceptor:5.3.0-5.3.3:*:*:*:*:*:*:* |
| fortinet / fortideceptor | cpe:2.3:a:fortinet:fortideceptor:5.2.0-5.2.1:*:*:*:*:*:*:* |
| fortinet / fortideceptor | cpe:2.3:a:fortinet:fortideceptor:5.1:*:*:*:*:*:*:* |
| fortinet / fortideceptor | cpe:2.3:a:fortinet:fortideceptor:5.0:*:*:*:*:*:*:* |