Fortinet Discloses Open Redirect Vulnerability in FortiNAC-F
Fortinet disclosed an open redirect vulnerability in FortiNAC-F that allows privileged attackers to redirect users to arbitrary websites via a crafted CSV file import.

Fortinet has disclosed an open redirect vulnerability in its FortiNAC-F network access control product, tracked as FG-IR-26-118. The flaw, categorized as CWE-601 (URL Redirection to Untrusted Site), allows a remote attacker with system administrator privileges to redirect users to arbitrary websites by importing a specially crafted CSV file. The vulnerability carries a CVSSv3 score of 2.2, indicating low severity, but it still poses a risk in environments where social engineering could be combined with the redirect to facilitate phishing attacks.
The affected versions include FortiNAC-F 7.6.0 through 7.6.5, as well as all versions of FortiNAC-F 7.4 and 7.2. Fortinet has released a fix in FortiNAC-F 7.6.6 and recommends users on older branches migrate to a fixed release. The advisory was initially published on April 14, 2026, and the vulnerability was discovered during an independent audit commissioned by Fortinet.
Open redirect vulnerabilities are often underestimated because they do not directly compromise the vulnerable system. They are, however, readily weaponized in phishing campaigns: a link that begins with a trusted FortiNAC-F hostname but lands on an attacker-controlled site lends the lure credibility. In this case the attacker needs system administrator privileges, which limits realistic exploitation to trusted insiders or to attackers who have already compromised an administrative account.
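A defensive check for the pattern described above, written as an added example rather than Fortinet's code: it validates URL fields in an imported CSV against an allow-list of hosts and rejects external, scheme-relative and non-HTTP targets. The `redirect_url` column, the `nac.example.internal` allow-list and the sample rows are constructed and assume nothing about FortiNAC-F's actual CSV layout.

```python
import csv
import io
from urllib.parse import urlparse

# Hosts a redirect target may point at (constructed allow-list for this example).
ALLOWED_HOSTS = {"nac.example.internal"}


def is_safe_redirect(target: str, allowed_hosts: set = ALLOWED_HOSTS) -> bool:
    """Return True only if `target` stays on an allowed host (CWE-601 mitigation).

    Rejects absolute URLs to other hosts, scheme-relative '//host' forms,
    non-http(s) schemes, and backslash variants that browsers normalise to '/'.
    """
    target = (target or "").strip()
    if not target:
        return False
    # Browsers treat '\' as '/', so normalise first or '/\host' would pass as a path.
    normalised = target.replace("\\", "/")
    parsed = urlparse(normalised)
    if parsed.scheme:
        if parsed.scheme.lower() not in ("http", "https"):
            return False
        return (parsed.hostname or "").lower() in allowed_hosts
    # No scheme: accept only a rooted, origin-relative path, never '//host'.
    return normalised.startswith("/") and not normalised.startswith("//")


def import_rows(csv_text: str, url_column: str = "redirect_url"):
    """Split CSV rows into accepted rows and (line number, bad target) rejections."""
    accepted, rejected = [], []
    reader = csv.DictReader(io.StringIO(csv_text))
    for lineno, row in enumerate(reader, start=2):  # line 1 is the header
        target = row.get(url_column) or ""
        if is_safe_redirect(target):
            accepted.append(row)
        else:
            rejected.append((lineno, target))
    return accepted, rejected


# Constructed sample import: two legitimate rows followed by three that an
# importer must refuse rather than store as redirect targets.
SAMPLE_CSV = """name,redirect_url
guest-portal,/portal/login
intranet,https://nac.example.internal/welcome
external,https://login.attacker-controlled.example/fortinac
scheme-relative,//login.attacker-controlled.example/fortinac
bad-scheme,javascript:void(0)
"""

if __name__ == "__main__":
    ok, bad = import_rows(SAMPLE_CSV)
    print("accepted:", [r["name"] for r in ok])
    print("rejected:", bad)
```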
Fortinet has not assigned a CVE identifier to this vulnerability yet, but the advisory provides clear upgrade paths. Organizations using FortiNAC-F should prioritize upgrading to version 7.6.6 or migrating to a supported release to mitigate the risk. As with all low-severity vulnerabilities, the threat is minimal but should not be ignored, especially in high-security environments.