Unrated severityNVD Advisory· Published Mar 10, 2026· Updated Mar 10, 2026
CVE-2026-25689
CVE-2026-25689
Description
An improper neutralization of argument delimiters in a command ('argument injection') vulnerability in Fortinet FortiDeceptor 6.2.0, FortiDeceptor 6.0 all versions, FortiDeceptor 5.3 all versions, FortiDeceptor 5.2 all versions, FortiDeceptor 5.1 all versions, FortiDeceptor 5.0 all versions, FortiDeceptor 4.3 all versions, FortiDeceptor 4.2 all versions, FortiDeceptor 4.1 all versions, FortiDeceptor 4.0 all versions may allow a privileged attacker with super-admin profile and CLI access to delete sensitive files via crafted HTTP requests.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:fortinet:fortideceptor:6.2.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:fortinet:fortideceptor:6.2.0:*:*:*:*:*:*:*range: 6.2.0
- (no CPE)range: >=6.2.0, 6.0 all, 5.3 all, 5.2 all, 5.1 all, 5.0 all, 4.3 all, 4.2 all, 4.1 all, 4.0 all
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.