Security News

Cybersecurity news aggregator

🔓
MEDIUM Vulnerabilities Fortinet PSIRT

shell command limitation bypass by SSH local config overriding

cve-2026-22628sshaccess-controlmitre-ta0001mitre-t1190
  • What: Improper access control vulnerability in FortiSwitchAXFixed SSH config
  • Impact: Authenticated admins could execute system commands
Read Full Article →

PSIRT shell command limitation bypass by SSH local config overriding Summary An Improper Access Control vulnerability [CWE-284] in FortiSwitchAXFixed may allow an authenticated admin to execute system commands via a specifically crafted SSH config file. Version Affected Solution FortiSwitchAXFixed 1.0 1.0.0 through 1.0.1 Upgrade to 1.0.2 or above Acknowledgement Internally discovered and reported by Yonghui Han of Fortinet Product Security team. Timeline 2026-03-10: Initial publication IR Number FG-IR-26-085 Published Date Mar 10, 2026 Component CLI Severity Medium CVSSv3 Score 5.1 Impact Execute unauthorized code or commands CVE ID CVE-2026-22628 Download CVRF CSAF

Related Articles

HIGH Authentication Lockout Bypass via Race Condition Fortinet PSIRT MEDIUM New Technical Markers Reveal Expanding ShadowSyndicate Cybercriminal Infrastructure Infosecurity Magazine MEDIUM SSHStalker botnet preys on legacy Linux & cloud hosts Web Discovery MEDIUM Cisco Secure Firewall Adaptive Security Appliance Software SSH Partial Private Key Authentication Bypass Vulnerability Cisco Security
Read Full Article → ← Back to News

Share this article

Twitter Facebook LinkedIn