Fortinet FortiSwitchAX Fixed: Unauthenticated admin can run commands via SSH config

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

5.3

Fortinet FortiSwitchAX Fixed: Unauthenticated admin can run commands via SSH config

CVE-2026-22628

Summary

An issue with Fortinet FortiSwitchAX Fixed allows an authenticated administrator to execute system commands by manipulating a specific SSH setup file. This could potentially lead to unauthorized changes or access to the device. Fortinet recommends updating to the latest version to fix this issue.

Original title

An improper access control vulnerability in Fortinet FortiSwitchAXFixed 1.0.0 through 1.0.1 may allow an authenticated admin to execute system commands via a specifically crafted SSH config file.

Original description

An improper access control vulnerability in Fortinet FortiSwitchAXFixed 1.0.0 through 1.0.1 may allow an authenticated admin to execute system commands via a specifically crafted SSH config file.

nvd CVSS3.1 5.3

Vulnerability type

CWE-284 Improper Access Control

https://fortiguard.fortinet.com/psirt/FG-IR-26-085

Published: 10 Mar 2026 · Updated: 13 Mar 2026 · First seen: 11 Mar 2026