CVE-2026-44277

CRITICAL

FortiAuthenticator 8.0.0-8.0.2, 6.5.0-6.5.6, 6.6.0-6.6.8, 6.4.0-6.4.10 - Improper Access Control

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2026-44277. PoCs published by 0xBlackash.

AI-analyzed exploit summary: The repository contains a Python script that scans for potentially vulnerable endpoints in FortiAuthenticator but does not include an actual exploit payload for RCE. It checks for reachable API endpoints and indicates potential vulnerability based on response status codes.

Description

An improper access control vulnerability in Fortinet FortiAuthenticator 8.0.2, FortiAuthenticator 8.0.0, FortiAuthenticator 6.6.0 through 6.6.8, FortiAuthenticator 6.5.0 through 6.5.6 may allow an attacker to execute unauthorized code or commands via <insert attack vector here>

Exploits (1)

nomisec SCANNER
by 0xBlackash · poc
https://github.com/0xBlackash/CVE-2026-44277

Classification: Scanner (90% confidence)
Attack Type: RCE
Complexity: Trivial
Reliability: Theoretical
Target: Fortinet FortiAuthenticator (versions 6.5.0-6.5.6, 6.6.0-6.6.8, 8.0.0-8.0.2)
Authentication: No auth needed
Prerequisites: Network access to the target FortiAuthenticator instance
Analyzed by devstral-2 on May 14, 2026

References (1)

Core 1

Scores

CVSS v3 9.8
EPSS 0.0006
EPSS Percentile 19.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact total

Details

CWE
CWE-284
Status published
Products (6)
Fortinet/FortiAuthenticator 6.4.0 - 6.4.10
fortinet/fortiauthenticator 6.4.0 - 6.4.10
Fortinet/FortiAuthenticator 6.5.0 - 6.5.6
Fortinet/FortiAuthenticator 6.6.0 - 6.6.8
Fortinet/FortiAuthenticator 8.0.0
Fortinet/FortiAuthenticator 8.0.2
Published May 12, 2026
Tracked Since May 12, 2026