FG-IR-26-131: Command injection in CLI

Published May 12, 2026

Updated

An improper neutralization of special elements used in an OS command ("OS Command Injection") vulnerability [CWE-78] in FortiAP, FortiAP-U & FortiAP-W2 CLI may allow an authenticated privileged attacker to execute unauthorized code or commands via crafted CLI requests.

Affected Software

7 affected componentsFixes available

Fortinet FortiAP>=7.6.0<=7.6.2

Fortinet FortiAP>=7.4.0<=7.4.5

Fortinet FortiAP>=7.2

Fortinet FortiAP>=6.4

Fortinet FortiAP-U>=7.0.0<=7.0.5

Fortinet FortiAP-W2>=7.4.0<=7.4.4

Fortinet FortiAP-W2>=7.2

Event History

May 12, 2026

Advisory Published

via FortiGuard·12:00 AM

Data Sourced

via FortiGuard·12:00 AM

DescriptionSeverityWeaknessAffected Software

Frequently Asked Questions

What is the severity of FG-IR-26-131?

The severity of FG-IR-26-131 is critical due to its potential for arbitrary command execution.

How do I fix FG-IR-26-131?

To fix FG-IR-26-131, update FortiAP to version 7.6.3 or newer, or FortiAP-U to version 7.0.6 or newer, and FortiAP-W2 to version 7.4.5 or newer.

What products are affected by FG-IR-26-131?

FortiAP, FortiAP-U, and FortiAP-W2 versions up to 7.6.2, 7.0.5, and 7.4.4 respectively are affected by FG-IR-26-131.

Who can exploit the FG-IR-26-131 vulnerability?

An authenticated privileged attacker can exploit the FG-IR-26-131 vulnerability to execute unauthorized commands.

What is OS command injection in FG-IR-26-131?

OS command injection in FG-IR-26-131 refers to the improper neutralization of command inputs allowing execution of arbitrary OS commands.

CVSS Score

6.1Medium

Medium Severity

AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Security Metrics

Risk Score58

Severitymedium(6.1)

CWE

7778

Timeline

PublishedMay 12, 2026

Updated

References

fortiguard.com/psirt/FG-IR-26-131

Tags

collector/fortiguard-psirt-latestsource/FortiGuardalias/CVE-2025-53680agent/sourceagent/last-modified-dateagent/first-publish-dateagent/typecollector/fortiguard-psirtagent/weaknessagent/severityagent/referencesagent/eventagent/softwarecombineagent/descriptionagent/titleagent/tagsagent/risk-scorevendor/fortinetcanonical/fortinet fortiapversion/fortinet fortiap/7.6.0version/fortinet fortiap/7.6.2version/fortinet fortiap/7.4.0version/fortinet fortiap/7.4.5version/fortinet fortiap/7.2version/fortinet fortiap/6.4canonical/fortinet fortiap-uversion/fortinet fortiap-u/7.0.0version/fortinet fortiap-u/7.0.5canonical/fortinet fortiap-w2version/fortinet fortiap-w2/7.4.0version/fortinet fortiap-w2/7.4.4version/fortinet fortiap-w2/7.2

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.