CVE-2026-21741 | THREATINT

Description

An URL Redirection to Untrusted Site ('Open Redirect') vulnerability [CWE-601] vulnerability in Fortinet FortiNAC-F 7.6.0 through 7.6.5, FortiNAC-F 7.4 all versions, FortiNAC-F 7.2 all versions may allow a remote privileged attacker with system administrator role to redirect users to an arbitrary website via crafted CSV file.

PUBLISHED Reserved 2026-01-05 | Published 2026-04-14 | Updated 2026-04-14 | Assigner fortinet

LOW: 2.2CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C

Problem types

Execute unauthorized code or commands

Product status

Default status

unaffected

7.6.0 (semver)

affected

7.4.0 (semver)

affected

7.2.0 (semver)

affected

References

fortiguard.fortinet.com/psirt/FG-IR-26-118

cve.org (CVE-2026-21741)

nvd.nist.gov (CVE-2026-21741)

Download JSON