September 11, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Multiple Intel Products Vulnerabilities
March 25, 2025
VanHelsing Ransomware Targets Windows, ARM, ESXi Systems – Active IOCs
March 25, 2025
Multiple Intel Products Vulnerabilities
March 25, 2025
VanHelsing Ransomware Targets Windows, ARM, ESXi Systems – Active IOCs
March 25, 2025
Severity
Medium
Analysis Summary
CVE-2021-26087 CVSS:4.3
Fortinet FortiWLC is vulnerable to stored cross-site scripting, caused by improper validation of user-supplied input.
CVE-2021-22126 CVSS:6.5
Fortinet FortiWLC contains default hardcoded credentials. A remote attacker could exploit this vulnerability to gain root access to the system.
Impact
- Cross-Site Scripting
- Gain Access
Indicators of Compromise
CVE
CVE-2021-26087
CVE-2021-22126
Affected Vendors
- Fortinet
Affected Products
- Fortinet FortiWLC 8.4.0
- Fortinet FortiWLC 8.5.0
- Fortinet FortiWLC 8.6.0
- Fortinet FortiWLC 8.4.4
- Fortinet FortiWLC 8.3.3
- Fortinet FortiWLC - 8.3.2
- Fortinet FortiWLC - 8.2.6
Remediation
Upgrade to the latest version, available from the Fortiguard Website.