Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortios 6.2.0 vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2020-12812
An improper authentication vulnerability in SSL VPN in FortiOS 6.4.0, 6.2.0 to 6.2.3, 6.0.9 and below may result in a user being able to log in successfully without being prompted for the second factor of authentication (FortiToken) if they changed the case of their username.
Fortinet Fortios
Fortinet Fortios 6.4.0
1 Github repository
2 Articles
605
VMScore
CVE-2021-36173
A heap-based buffer overflow in the firmware signature verification function of FortiOS versions 7.0.1, 7.0.0, 6.4.0 up to and including 6.4.6, 6.2.0 up to and including 6.2.9, and 6.0.0 up to and including 6.0.13 may allow an malicious user to execute arbitrary code via speciall...
Fortinet Fortios
Fortinet Fortios 7.0.0
Fortinet Fortios 7.0.1
516
VMScore
CVE-2019-6696
An improper input validation vulnerability in FortiOS 6.2.1, 6.2.0, 6.0.8 and below until 5.4.0 under admin webUI may allow an malicious user to perform an URL redirect attack via a specifically crafted request to the admin initial password change webpage.
Fortinet Fortios
Fortinet Fortios 6.2.0
Fortinet Fortios 6.2.1
445
VMScore
CVE-2019-17655
A cleartext storage in a file or on disk (CWE-313) vulnerability in FortiOS SSL VPN 6.2.0 up to and including 6.2.2, 6.0.9 and previous versions and FortiProxy 2.0.0, 1.2.9 and previous versions may allow an malicious user to retrieve a logged-in SSL VPN user's credentials s...
Fortinet Fortios
445
VMScore
CVE-2018-13367
An information exposure vulnerability in FortiOS 6.2.3, 6.2.0 and below may allow an unauthenticated malicious user to gain platform information such as version, models, via parsing a JavaScript file through admin webUI.
Fortinet Fortios
383
VMScore
CVE-2021-26092
Failure to sanitize input in the SSL VPN web portal of FortiOS 5.2.10 up to and including 5.2.15, 5.4.0 up to and including 5.4.13, 5.6.0 up to and including 5.6.14, 6.0.0 up to and including 6.0.12, 6.2.0 up to and including 6.2.7, 6.4.0 up to and including 6.4.4; and FortiProxy...
Fortinet Fortiproxy
Fortinet Fortiproxy 2.0.0
Fortinet Fortiproxy 2.0.1
Fortinet Fortios
357
VMScore
CVE-2019-6693
Use of a hard-coded cryptographic key to cipher sensitive data in FortiOS configuration backup file may allow an attacker with access to the backup file to decipher the sensitive data, via knowledge of the hard-coded key. The aforementioned sensitive data includes users' pas...
Fortinet Fortios
Fortinet Fortios 6.2.0
3 Github repositories
259
VMScore
CVE-2022-22306
An improper certificate validation vulnerability [CWE-295] in FortiOS 6.0.0 up to and including 6.0.14, 6.2.0 up to and including 6.2.10, 6.4.0 up to and including 6.4.8, 7.0.0 may allow a network adjacent and unauthenticated malicious user to man-in-the-middle the communication ...
Fortinet Fortios 7.0.0
Fortinet Fortios
231
VMScore
CVE-2019-15703
An Insufficient Entropy in PRNG vulnerability in Fortinet FortiOS 6.2.1, 6.2.0, 6.0.8 and below for device not enable hardware TRNG token and models not support builtin TRNG seed allows malicious user to theoretically recover the long term ECDSA secret in a TLS client with a RSA ...
Fortinet Fortios
187
VMScore
CVE-2021-32600
An exposure of sensitive information to an unauthorized actor vulnerability in FortiOS CLI 7.0.0, 6.4.0 up to and including 6.4.6, 6.2.0 up to and including 6.2.9, 6.0.x and 5.6.x may allow a local and authenticated user assigned to a specific VDOM to retrieve other VDOMs informa...
Fortinet Fortios 7.0.0
Fortinet Fortios
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »