{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-21741", "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "state": "PUBLISHED", "assignerShortName": "fortinet", "dateReserved": "2026-01-05T14:17:53.224Z", "datePublished": "2026-04-14T15:39:45.334Z", "dateUpdated": "2026-04-14T16:15:52.069Z"}, "containers": {"cna": {"affected": [{"vendor": "Fortinet", "product": "FortiNAC-F", "cpes": [], "defaultStatus": "unaffected", "versions": [{"versionType": "semver", "version": "7.6.0", "lessThanOrEqual": "7.6.5", "status": "affected"}, {"versionType": "semver", "version": "7.4.0", "lessThanOrEqual": "7.4.3", "status": "affected"}, {"versionType": "semver", "version": "7.2.0", "lessThanOrEqual": "7.2.9", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "An URL Redirection to Untrusted Site ('Open Redirect') vulnerability [CWE-601] vulnerability in Fortinet FortiNAC-F 7.6.0 through 7.6.5, FortiNAC-F 7.4 all versions, FortiNAC-F 7.2 all versions may allow a remote privileged attacker with system administrator role to redirect users to an arbitrary website via crafted CSV file."}], "providerMetadata": {"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "shortName": "fortinet", "dateUpdated": "2026-04-14T15:39:45.334Z"}, "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-601", "description": "Execute unauthorized code or commands", "type": "CWE"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 2.2, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C"}}], "solutions": [{"lang": "en", "value": "Upgrade to upcoming FortiNAC-F version 7.6.6 or above"}], "references": [{"name": "https://fortiguard.fortinet.com/psirt/FG-IR-26-118", "url": "https://fortiguard.fortinet.com/psirt/FG-IR-26-118"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-14T16:15:45.406424Z", "id": "CVE-2026-21741", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-14T16:15:52.069Z"}}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-21741", "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "state": "PUBLISHED", "assignerShortName": "fortinet", "dateReserved": "2026-01-05T14:17:53.224Z", "datePublished": "2026-04-14T15:39:45.334Z", "dateUpdated": "2026-04-14T16:15:52.069Z"}, "containers": {"cna": {"affected": [{"vendor": "Fortinet", "product": "FortiNAC-F", "cpes": [], "defaultStatus": "unaffected", "versions": [{"versionType": "semver", "version": "7.6.0", "lessThanOrEqual": "7.6.5", "status": "affected"}, {"versionType": "semver", "version": "7.4.0", "lessThanOrEqual": "7.4.3", "status": "affected"}, {"versionType": "semver", "version": "7.2.0", "lessThanOrEqual": "7.2.9", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "An URL Redirection to Untrusted Site ('Open Redirect') vulnerability [CWE-601] vulnerability in Fortinet FortiNAC-F 7.6.0 through 7.6.5, FortiNAC-F 7.4 all versions, FortiNAC-F 7.2 all versions may allow a remote privileged attacker with system administrator role to redirect users to an arbitrary website via crafted CSV file."}], "providerMetadata": {"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "shortName": "fortinet", "dateUpdated": "2026-04-14T15:39:45.334Z"}, "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-601", "description": "Execute unauthorized code or commands", "type": "CWE"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 2.2, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C"}}], "solutions": [{"lang": "en", "value": "Upgrade to upcoming FortiNAC-F version 7.6.6 or above"}], "references": [{"name": "https://fortiguard.fortinet.com/psirt/FG-IR-26-118", "url": "https://fortiguard.fortinet.com/psirt/FG-IR-26-118"}]}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-21741", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-14T16:15:45.406424Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-14T16:15:49.239Z"}}]}}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "An URL Redirection to Untrusted Site ('Open Redirect') vulnerability [CWE-601] vulnerability in Fortinet FortiNAC-F 7.6.0 through 7.6.5, FortiNAC-F 7.4 all versions, FortiNAC-F 7.2 all versions may allow a remote privileged attacker with system administrator role to redirect users to an arbitrary website via crafted CSV file."}], "id": "CVE-2026-21741", "lastModified": "2026-04-14T16:16:35.777", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 2.4, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 0.9, "impactScore": 1.4, "source": "psirt@fortinet.com", "type": "Secondary"}]}, "published": "2026-04-14T16:16:35.777", "references": [{"source": "psirt@fortinet.com", "url": "https://fortiguard.fortinet.com/psirt/FG-IR-26-118"}], "sourceIdentifier": "psirt@fortinet.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-601"}], "source": "psirt@fortinet.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[7.6.0,7.6.5]"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[7.4.0,7.4.3]"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[7.2.0,7.2.9]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "FortiNAC-F", "source": "cna", "vendor": "Fortinet"}, "product": "fortinac-f", "vendor": "fortinet"}], "analysis": {"en": {"generated_at": "2026-04-14T17:37:14.009839+00:00", "value": {"mitigation_remediation": ["Upgrade FortiNAC\u2011F to version 7.6.6 or later"], "summary": {"action": "Patch", "impact": "Redirection to Untrusted Site (Open Redirect)"}, "threat_synthesis": {"affected_systems": "Fortinet FortiNAC\u2011F software is affected. Versions 7.6.0 through 7.6.5, all 7.4 releases, and all 7.2 releases are vulnerable if the system administrator role is present and a CSV file can be processed by the appliance.", "description_and_impact": "An Open Redirect flaw allows a remote attacker with system administrator privileges to trick authenticated users into visiting a malicious website by uploading a specially crafted CSV file. This vulnerability is classified as CWE\u2011601 and can be leveraged to facilitate phishing, credential theft, or further compromise when users interact with the redirected site.", "risk_and_exploitability": "The CVSS base score of 2.2 indicates low severity, and no EPSS data is available, suggesting limited exploitation likelihood. The flaw is not listed in the CISA KEV catalog. Exploitation requires administrative privileges and the user\u2019s interaction with the crafted CSV file, so the attack vector is primarily administrative and user\u2011based rather than remote unauthenticated."}}}}, "created": "2026-04-15T14:41:09.654274+00:00", "title": "Open Redirect via Crafted CSV in Fortinet FortiNAC\u2011F", "updated": "2026-04-15T15:30:06.812070+00:00", "vendors": ["fortinet", "fortinet$PRODUCT$fortinac-f"]}