CVE-2025-53870 · CVSS 6.5 · EXPLOITED · PATCHED
Fortinet · FortiAP

CVE-2025-53870: An improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet

Description

An improper neutralization of special elements used in an OS command ('OS command injection') vulnerability in Fortinet FortiAP 7.6.0 through 7.6.2, FortiAP 7.4.0 through 7.4.5, FortiAP 7.2 all versions, FortiAP 7.0 all versions, FortiAP 6.4 all versions, FortiAP-W2 7.4.0 through 7.4.4, FortiAP-W2 7.2 all versions, FortiAP-W2 7.0 all versions may allow an authenticated attacker to execute unauthorized code or commands via a specifically crafted CLI command.

Affected Products

Vendor:   Fortinet
Product:  FortiAP
Versions: 7.6.0, 7.4.0, 7.2.0, 7.0.0, 6.4.3, 7.4.0, 7.2.0, 7.0.0

Also Affects

Downstream vendors/products affected by this vulnerability

Vendor:     fortinet
Product:    fortiap-w2
Source:     mitre_affected
Confidence: 90%

References

  • https://fortiguard.fortinet.com/psirt/FG-IR-26-133

Related News (2 articles)

  • Tier C · VulDB · 5h ago: CVE-2025-53870 | Fortinet FortiAP/FortiAP-W2 CLI os command injection (FG-IR-26-133) → No new info (linked only)
  • Tier A · Fortinet PSIRT · 16h ago: OS command injection in CLI → No new info (linked only)
CVSS 3.1: 6.5 MEDIUM
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
CISA KEV: No
Actively exploited: Yes
Patch available: 7.6.3
CWE: CWE-78
Published: May 12, 2026
Last enriched: 6h ago (v2)
Tags: os command injection
Trending score: 58
Source articles: 2
Independent: 2
Info completeness: 10/14
Missing: epss, kev, iocs, mitre_attack

Related CVEs (5)

  • CRITICAL · CVE-2026-35616 · EXP · KEV (Trending: 167)
    CVE-2026-35616: A improper access control vulnerability in Fortinet FortiClientEMS 7.4.5 through 7.4.6 may allow an unauthenticated atta
  • CRITICAL · CVE-2026-44277 · EXP (Trending: 82)
    CVE-2026-44277: A improper access control vulnerability in Fortinet FortiAuthenticator 8.0.2, FortiAuthenticator 8.0.0, FortiAuthenticat
  • HIGH · CVE-2025-53844 · EXP (Trending: 62)
    CVE-2025-53844: A out-of-bounds write vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0
  • MEDIUM · CVE-2025-53680 · EXP (Trending: 58)
    CVE-2025-53680: An improper neutralization of special elements used in an OS command ("OS Command Injection") vulnerability [CWE-78] vul
  • CRITICAL · CVE-2026-26083 (Trending: 55)
    CVE-2026-26083: A missing authorization vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.1, FortiSandbox 4.4.0 through 4.4.8, Fo

Verification

State: verified
Confidence: 0%

Vulnerability Timeline

  • CVE Published: May 12, 2026
  • Discovered by ZDM: May 12, 2026
  • Updated (patchAvailable, affectedVersions, exploitAvailable, activelyExploited, tags): May 12, 2026
  • Actively Exploited: May 12, 2026
  • Exploit Available: May 12, 2026
  • Patch Available: May 12, 2026

Version History

Current version: v2 (last enriched 6h ago)

v2 · Tier A · 6h ago
Updated patch availability to 7.6.3, added new affected versions 7.4.6 and 7.2.6, and marked exploit availability and active exploitation as true.
Fields updated: patchAvailable, affectedVersions, exploitAvailable, activelyExploited, tags
via Fortinet PSIRT

v1 · 6h ago
Initial creation