CVE-2026-22628

medium

Fortinet

CVSS v3 Base Score

5.3

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

EPSS Score

0.0%

Exploitation probability in 30 days

Top 98% most likely to be exploited

Attack Characteristics

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Confidentiality

Low

Integrity

Low

Availability

Low

Published: March 10, 2026 (64 days ago)

Last Modified: April 9, 2026

Vendor: Fortinet

Source: NVD

Description

An improper access control vulnerability in Fortinet FortiSwitchAXFixed 1.0.0 through 1.0.1 may allow an authenticated admin to execute system commands via a specifically crafted SSH config file.

CWE

CWE-284

Affected Products

fortinet fortiswitchaxfixed

References

🔗 fortiguard.fortinet.com

CVE-2026-22628

Vulnerability Report

Description

CWE

Affected Products

References