Medium severity4.3NVD Advisory· Published May 12, 2026· Updated May 18, 2026
CVE-2026-25690
CVE-2026-25690
Description
An improper neutralization of argument delimiters in a command ('argument injection') vulnerability in Fortinet FortiDeceptor 6.0.0 through 6.0.2, FortiDeceptor 5.3.0 through 5.3.3, FortiDeceptor 5.2.0 through 5.2.1, FortiDeceptor 5.1 all versions, FortiDeceptor 5.0 all versions may allow an authenticated attacker with at least read-only admin permission to read log files via HTTP crafted requests.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: >=5.0.0 <=6.0.2
Patches
Vulnerability mechanics
References
1- fortiguard.fortinet.com/psirt/FG-IR-26-138nvdVendor Advisory
News mentions
0No linked articles in our index yet.