FortiNAC-F Users May Be Redirected to Untrusted Websites

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

2.4

FortiNAC-F Users May Be Redirected to Untrusted Websites

CVE-2026-21741

Summary

A security issue in FortiNAC-F software could allow a malicious attacker to redirect users to a different website, potentially leading to phishing or other types of attacks. This issue affects certain versions of FortiNAC-F, and it's essential to update to the latest version to protect against potential threats. Users should check with Fortinet for the latest patches and instructions on how to update their systems.

Original title

Original description

An URL Redirection to Untrusted Site ('Open Redirect') vulnerability [CWE-601] vulnerability in Fortinet FortiNAC-F 7.6.0 through 7.6.5, FortiNAC-F 7.4 all versions, FortiNAC-F 7.2 all versions may allow a remote privileged attacker with system administrator role to redirect users to an arbitrary website via crafted CSV file.

nvd CVSS3.1 2.4

Vulnerability type

CWE-601 Open Redirect

https://fortiguard.fortinet.com/psirt/FG-IR-26-118

Published: 14 Apr 2026 · Updated: 15 Apr 2026 · First seen: 14 Apr 2026