Missing Authentication for critical function in CAPWAP daemon

CVSSv3 Score:

6.2

A missing authentication for critical function vulnerability [CWE-306] in FortiOS and FortiSwitchManager CAPWAP daemon may allow a local unauthenticated attacker on the same local IP subnet to write device configuration via specially crafted requests. To be successful, this attack requires the targeted FortiGate device to run a specific, non default configuration.

Revised on 2026-04-14 00:00:00

Source link

What's Hot

CVE-2026-41039 | THREATINT

New cross domain guidance for government, industry and the wider security community

Supply Chain Compromise Impacts Axios Node Package Manager

CVE-2026-41039 | THREATINT

Supply Chain Compromise Impacts Axios Node Package Manager

CVE-2026-6712 | THREATINT

Catchy & Intriguing

The Grandparent Scam: How AI Voice Technology Makes This Old Con Deadlier Than Ever

Global Takedown of Massive IoT Botnets Halts Record-Breaking Cyberattacks

Pico 4 Review: Should You Actually Buy One Instead Of Quest 2?

A Review of the Venus Optics Argus 18mm f/0.95 MFT APO Lens

DJI Avata Review: Immersive FPV Flying For Drone Enthusiasts

Most Popular

Catchy & Intriguing

The Grandparent Scam: How AI Voice Technology Makes This Old Con Deadlier Than Ever

Global Takedown of Massive IoT Botnets Halts Record-Breaking Cyberattacks

Our Picks

CVE-2026-41039 | THREATINT

New cross domain guidance for government, industry and the wider security community

Supply Chain Compromise Impacts Axios Node Package Manager

Subscribe to Updates

What's Hot

Missing Authentication for critical function in CAPWAP daemon

Related Posts

Subscribe to Updates