Missing Authentication for critical function in CAPWAP daemon

CVSSv3 Score:

6.2

A missing authentication for critical function vulnerability [CWE-306] in FortiOS and FortiSwitchManager CAPWAP daemon may allow a local unauthenticated attacker on the same local IP subnet to write device configuration via specially crafted requests. To be successful, this attack requires the targeted FortiGate device to run a specific, non default configuration.

Revised on 2026-04-14 00:00:00

Source link

What's Hot

Four-Faith Industrial Router CVE-2024-12856 Exploited in the Wild | Blog

Microsoft GitHub Repository Windows-driver-samples Workflow Remote Code Execution – Research Advisory

CVE-2026-41039 | THREATINT

Microsoft GitHub Repository Windows-driver-samples Workflow Remote Code Execution – Research Advisory

CVE-2026-41039 | THREATINT

Supply Chain Compromise Impacts Axios Node Package Manager

Catchy & Intriguing

The Grandparent Scam: How AI Voice Technology Makes This Old Con Deadlier Than Ever

Global Takedown of Massive IoT Botnets Halts Record-Breaking Cyberattacks

Pico 4 Review: Should You Actually Buy One Instead Of Quest 2?

A Review of the Venus Optics Argus 18mm f/0.95 MFT APO Lens

DJI Avata Review: Immersive FPV Flying For Drone Enthusiasts

Most Popular

Catchy & Intriguing

The Grandparent Scam: How AI Voice Technology Makes This Old Con Deadlier Than Ever

Global Takedown of Massive IoT Botnets Halts Record-Breaking Cyberattacks

Our Picks

Four-Faith Industrial Router CVE-2024-12856 Exploited in the Wild | Blog

Microsoft GitHub Repository Windows-driver-samples Workflow Remote Code Execution – Research Advisory

CVE-2026-41039 | THREATINT

Subscribe to Updates

What's Hot

Missing Authentication for critical function in CAPWAP daemon

Related Posts

Subscribe to Updates