Medium severity5.3NVD Advisory· Published Mar 10, 2026· Updated Apr 9, 2026

CVE-2026-22628

Description

An improper access control vulnerability in Fortinet FortiSwitchAXFixed 1.0.0 through 1.0.1 may allow an authenticated admin to execute system commands via a specifically crafted SSH config file.

Affected products

Fortinet/Fortiswitchaxfixed
cpe:2.3:a:fortinet:fortiswitchaxfixed:*:*:*:*:*:*:*:*
Range: >=1.0.0,<1.0.2

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

fortiguard.fortinet.com/psirt/FG-IR-26-085nvdVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.345
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000