Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortideceptor vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2022-38373
An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiDeceptor management interface 4.2.0, 4.1.0 up to and including 4.1.1, 4.0.2 may allow an authenticated user to perform a cross site scripting (XSS) attack via sending requests with speci...
Fortinet Fortideceptor 4.1.0
Fortinet Fortideceptor 4.1.1
Fortinet Fortideceptor 4.2.0
Fortinet Fortideceptor 4.0.2
7.5
CVSSv3
CVE-2022-30305
An insufficient logging [CWE-778] vulnerability in FortiSandbox versions 4.0.0 to 4.0.2, 3.2.0 to 3.2.3 and 3.1.0 to 3.1.5 and FortiDeceptor versions 4.2.0, 4.1.0 up to and including 4.1.1, 4.0.0 up to and including 4.0.2, 3.3.0 up to and including 3.3.3, 3.2.0 up to and includin...
Fortinet Fortideceptor 3.1.0
Fortinet Fortisandbox 3.2.2
Fortinet Fortisandbox 3.2.0
Fortinet Fortisandbox 3.2.1
Fortinet Fortideceptor 3.1.1
Fortinet Fortideceptor 4.1.0
Fortinet Fortideceptor 4.1.1
Fortinet Fortideceptor 4.2.0
Fortinet Fortideceptor
Fortinet Fortisandbox
Fortinet Fortisandbox 3.2.3
8.1
CVSSv3
CVE-2022-30302
Multiple relative path traversal vulnerabilities [CWE-23] in FortiDeceptor management interface 1.0.0 up to and including 3.2.x, 3.3.0 up to and including 3.3.2, 4.0.0 up to and including 4.0.1 may allow a remote and authenticated malicious user to retrieve and delete arbitrary f...
Fortinet Fortideceptor 4.0.1
Fortinet Fortideceptor 4.0.0
Fortinet Fortideceptor
8.8
CVSSv3
CVE-2020-29017
An OS command injection vulnerability in FortiDeceptor 3.1.0, 3.0.1, 3.0.0 may allow a remote authenticated malicious user to execute arbitrary commands on the system by exploiting a command injection vulnerability on the Customization page.
Fortinet Fortideceptor 3.0.1
Fortinet Fortideceptor 3.1.0
Fortinet Fortideceptor 3.0.0
8.8
CVSSv3
CVE-2022-27487
A improper privilege management in Fortinet FortiSandbox version 4.2.0 up to and including 4.2.2, 4.0.0 up to and including 4.0.2 and prior to 3.2.3 and FortiDeceptor version 4.1.0, 4.0.0 up to and including 4.0.2 and prior to 3.3.3 allows a remote authenticated malicious user to...
Fortinet Fortideceptor 4.1.0
Fortinet Fortideceptor
Fortinet Fortisandbox
8.1
CVSSv3
CVE-2020-6644
An insufficient session expiration vulnerability in FortiDeceptor 3.0.0 and below allows an malicious user to reuse the unexpired admin user session IDs to gain admin privileges, should the attacker be able to obtain that session ID via other, hypothetical attacks.
Fortinet Fortideceptor
5.3
CVSSv3
CVE-2023-26209
A improper restriction of excessive authentication attempts vulnerability [CWE-307] in Fortinet FortiDeceptor 3.1.x and before allows a remote unauthenticated malicious user to partially exhaust CPU and memory via sending numerous HTTP requests to the login form.
Fortinet Fortideceptor
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started