VYPR
Unrated severityNVD Advisory· Published Mar 10, 2026· Updated Mar 10, 2026

CVE-2026-25689

CVE-2026-25689

Description

An improper neutralization of argument delimiters in a command ('argument injection') vulnerability in Fortinet FortiDeceptor 6.2.0, FortiDeceptor 6.0 all versions, FortiDeceptor 5.3 all versions, FortiDeceptor 5.2 all versions, FortiDeceptor 5.1 all versions, FortiDeceptor 5.0 all versions, FortiDeceptor 4.3 all versions, FortiDeceptor 4.2 all versions, FortiDeceptor 4.1 all versions, FortiDeceptor 4.0 all versions may allow a privileged attacker with super-admin profile and CLI access to delete sensitive files via crafted HTTP requests.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Fortinet/FortiDeceptorcpe-rescue2 versions
    cpe:2.3:a:fortinet:fortideceptor:6.2.0:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:fortinet:fortideceptor:6.2.0:*:*:*:*:*:*:*range: 6.2.0
    • (no CPE)range: >=6.2.0, 6.0 all, 5.3 all, 5.2 all, 5.1 all, 5.0 all, 4.3 all, 4.2 all, 4.1 all, 4.0 all

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.