High severity8.8NVD Advisory· Published Sep 21, 2016· Updated May 6, 2026
CVE-2016-4965
CVE-2016-4965
Description
Fortinet FortiWan (formerly AscernLink) before 4.2.5 allows remote authenticated users with access to the nslookup functionality to execute arbitrary commands with root privileges via the graph parameter to diagnosis_control.php.
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- fortiguard.com/advisory/fortiwan-multiple-vulnerabilitiesnvdVendor Advisory
- www.securityfocus.com/bid/92779nvdThird Party AdvisoryVDB Entry
- www.kb.cert.org/vuls/id/724487nvdThird Party AdvisoryUS Government Resource
- docs.fortinet.com/uploaded/files/3236/fortiwan-v4.2.5-release-notes.pdfnvdRelease Notes
News mentions
0No linked articles in our index yet.