Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

fortinet fortios 7.0.1 vulnerabilities and exploits

(subscribe to this query)

8.8
CVSSv3
CVE-2021-36173
A heap-based buffer overflow in the firmware signature verification function of FortiOS versions 7.0.1, 7.0.0, 6.4.0 through 6.4.6, 6.2.0 through 6.2.9, and 6.0.0 through 6.0.13 may allow an attacker to execute arbitrary code via specially crafted installation images....
Fortinet FortiosFortinet Fortios 7.0.0Fortinet Fortios 7.0.1
7.5
CVSSv3
CVE-2021-41024
A relative path traversal [CWE-23] vulnerabiltiy in FortiOS versions 7.0.0 and 7.0.1 and FortiProxy verison 7.0.0 may allow an unauthenticated, unauthorized attacker to inject path traversal character sequences to disclose sensitive information of the server via the GET request...
Fortinet Fortiproxy 7.0.0Fortinet Fortios 7.0.0Fortinet Fortios 7.0.1
6
CVSSv3
CVE-2021-36169
A Hidden Functionality in Fortinet FortiOS 7.x before 7.0.1, FortiOS 6.4.x before 6.4.7 allows attacker to Execute unauthorized code or commands via specific hex read/write operations....
Fortinet FortiosFortinet Fortios 7.0.0
9.8
CVSSv3
CVE-2021-26109
An integer overflow or wraparound vulnerability in the memory allocator of SSLVPN in FortiOS before 7.0.1 may allow an unauthenticated attacker to corrupt control data on the heap via specifically crafted requests to SSLVPN, resulting in potentially arbitrary code execution....
Fortinet FortiosFortinet Fortios 7.0.0
7.5
CVSSv3
CVE-2021-26108
A use of hard-coded cryptographic key vulnerability in the SSLVPN of FortiOS before 7.0.1 may allow an attacker to retrieve the key by reverse engineering....
Fortinet FortiosFortinet Fortios 7.0.0
8.8
CVSSv3
CVE-2021-24018
A buffer underwrite vulnerability in the firmware verification routine of FortiOS before 7.0.1 may allow an attacker located in the adjacent network to potentially execute arbitrary code via a specifically crafted firmware image....
Fortinet FortiosFortinet Fortios 7.0.0
4.3
CVSSv3
CVE-2021-43206
A server-generated error message containing sensitive information in Fortinet FortiOS 7.0.0 through 7.0.3, 6.4.0 through 6.4.8, 6.2.x, 6.0.x and FortiProxy 7.0.0 through 7.0.1, 2.0.x allows malicious webservers to retrieve a web proxy's client username and IP via same...
Fortinet FortiosFortinet Fortiproxy
6.1
CVSSv3
CVE-2021-43081
An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiOS version 7.0.3 and below, 6.4.8 and below, 6.2.10 and below, 6.0.14 to 6.0.0. and in FortiProxy version 7.0.1 and below, 2.0.7 to 2.0.0 web filter override form may allow an...
Fortinet FortiosFortinet Fortiproxy
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-32034CVE-2022-2285IMAPCVE-2021-26855CVE-2022-32030CVE-2022-26763injectCVE-2022-32039SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook