CVE-2026-22628 | THREATINT

Description

An improper access control vulnerability in Fortinet FortiSwitchAXFixed 1.0.0 through 1.0.1 may allow an authenticated admin to execute system commands via a specifically crafted SSH config file.

PUBLISHED Reserved 2026-01-08 | Published 2026-03-10 | Updated 2026-03-10 | Assigner fortinet

MEDIUM: 5.1CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:X/RL:O/RC:C

Problem types

Execute unauthorized code or commands

Product status

Default status

unaffected

1.0.0 (semver)

affected

References

fortiguard.fortinet.com/psirt/FG-IR-26-085

cve.org (CVE-2026-22628)

nvd.nist.gov (CVE-2026-22628)

Download JSON