Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortiweb 7.0.1 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-23777
An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in FortiWeb version 7.0.1 and below, 6.4 all versions, version 6.3.18 and below may allow a privileged malicious user to execute arbitrary bash commands ...
Fortinet Fortiweb 7.0.0
Fortinet Fortiweb 7.0.1
Fortinet Fortiweb
NA
CVE-2022-30299
A path traversal vulnerability [CWE-23] in the API of FortiWeb 7.0.0 up to and including 7.0.1, 6.3.0 up to and including 6.3.19, 6.4 all versions, 6.2 all versions, 6.1 all versions, 6.0 all versions may allow an authenticated malicious user to retrieve specific parts of files f...
Fortinet Fortiweb 6.4.0
Fortinet Fortiweb 6.4.1
Fortinet Fortiweb 6.4.2
Fortinet Fortiweb 7.0.0
Fortinet Fortiweb 7.0.1
Fortinet Fortiweb
NA
CVE-2022-30300
A relative path traversal vulnerability [CWE-23] in FortiWeb 7.0.0 up to and including 7.0.1, 6.3.6 up to and including 6.3.18, 6.4 all versions may allow an authenticated malicious user to obtain unauthorized access to files and data via specifically crafted HTTP GET requests.
Fortinet Fortiweb 6.4.0
Fortinet Fortiweb 6.4.1
Fortinet Fortiweb 6.4.2
Fortinet Fortiweb 7.0.0
Fortinet Fortiweb 7.0.1
Fortinet Fortiweb
NA
CVE-2022-30303
An improper neutralization of special elements used in an os command ('OS Command Injection') [CWE-78] in FortiWeb 7.0.0 up to and including 7.0.1, 6.3.0 up to and including 6.3.19, 6.4 all versions may allow an authenticated malicious user to execute arbitrary shell co...
Fortinet Fortiweb 6.4.0
Fortinet Fortiweb 6.4.1
Fortinet Fortiweb 6.4.2
Fortinet Fortiweb 7.0.0
Fortinet Fortiweb 7.0.1
Fortinet Fortiweb
NA
CVE-2022-30306
A stack-based buffer overflow vulnerability [CWE-121] in the CA sign functionality of FortiWeb version 7.0.1 and below, 6.4 all versions, version 6.3.19 and below may allow an authenticated malicious user to achieve arbitrary code execution via specifically crafted password.
Fortinet Fortiweb 6.4.0
Fortinet Fortiweb 6.4.1
Fortinet Fortiweb 6.4.2
Fortinet Fortiweb 7.0.0
Fortinet Fortiweb 7.0.1
Fortinet Fortiweb
NA
CVE-2021-43074
An improper verification of cryptographic signature vulnerability [CWE-347] in FortiWeb 6.4 all versions, 6.3.16 and below, 6.2 all versions, 6.1 all versions, 6.0 all versions; FortiOS 7.0.3 and below, 6.4.8 and below, 6.2 all versions, 6.0 all versions; FortiSwitch 7.0.3 and be...
Fortinet Fortios
Fortinet Fortiproxy
Fortinet Fortiswitch
Fortinet Fortiweb
NA
CVE-2022-33871
A stack-based buffer overflow vulnerability [CWE-121] in FortiWeb version 7.0.1 and previous versions, 6.4 all versions, version 6.3.19 and previous versions may allow a privileged malicious user to execute arbitrary code or commands via specifically crafted CLI `execute backup-l...
Fortinet Fortiweb 6.4.0
Fortinet Fortiweb 6.4.1
Fortinet Fortiweb 6.4.2
Fortinet Fortiweb 7.0.0
Fortinet Fortiweb 7.0.1
Fortinet Fortiweb
NA
CVE-2023-23778
A relative path traversal vulnerability [CWE-23] in FortiWeb version 7.0.1 and below, 6.4 all versions, 6.3 all versions, 6.2 all versions may allow an authenticated user to obtain unauthorized access to files and data via specifically crafted web requests.
Fortinet Fortiweb 6.4.0
Fortinet Fortiweb 6.4.1
Fortinet Fortiweb 6.4.2
Fortinet Fortiweb 7.0.0
Fortinet Fortiweb 7.0.1
Fortinet Fortiweb
NA
CVE-2023-23779
Multiple improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerabilities [CWE-78] in FortiWeb version 7.0.1 and below, 6.4 all versions, version 6.3.19 and below may allow an authenticated malicious user to execute unauthorized...
Fortinet Fortiweb 6.4.0
Fortinet Fortiweb 6.4.1
Fortinet Fortiweb 6.4.2
Fortinet Fortiweb 7.0.0
Fortinet Fortiweb 7.0.1
Fortinet Fortiweb
NA
CVE-2023-23780
A stack-based buffer overflow in Fortinet FortiWeb version 7.0.0 up to and including 7.0.1, Fortinet FortiWeb version 6.3.6 up to and including 6.3.19, Fortinet FortiWeb 6.4 all versions allows malicious user to escalation of privilege via specifically crafted HTTP requests.
Fortinet Fortiweb
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »