Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortios 6.2.0 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2020-12812
An improper authentication vulnerability in SSL VPN in FortiOS 6.4.0, 6.2.0 to 6.2.3, 6.0.9 and below may result in a user being able to log in successfully without being prompted for the second factor of authentication (FortiToken) if they changed the case of their username.
Fortinet Fortios
Fortinet Fortios 6.4.0
1 Github repository
2 Articles
6.8
CVSSv2
CVE-2021-36173
A heap-based buffer overflow in the firmware signature verification function of FortiOS versions 7.0.1, 7.0.0, 6.4.0 up to and including 6.4.6, 6.2.0 up to and including 6.2.9, and 6.0.0 up to and including 6.0.13 may allow an malicious user to execute arbitrary code via speciall...
Fortinet Fortios
Fortinet Fortios 7.0.0
Fortinet Fortios 7.0.1
5.8
CVSSv2
CVE-2019-6696
An improper input validation vulnerability in FortiOS 6.2.1, 6.2.0, 6.0.8 and below until 5.4.0 under admin webUI may allow an malicious user to perform an URL redirect attack via a specifically crafted request to the admin initial password change webpage.
Fortinet Fortios
Fortinet Fortios 6.2.0
Fortinet Fortios 6.2.1
5
CVSSv2
CVE-2019-17655
A cleartext storage in a file or on disk (CWE-313) vulnerability in FortiOS SSL VPN 6.2.0 up to and including 6.2.2, 6.0.9 and previous versions and FortiProxy 2.0.0, 1.2.9 and previous versions may allow an malicious user to retrieve a logged-in SSL VPN user's credentials s...
Fortinet Fortios
5
CVSSv2
CVE-2018-13367
An information exposure vulnerability in FortiOS 6.2.3, 6.2.0 and below may allow an unauthenticated malicious user to gain platform information such as version, models, via parsing a JavaScript file through admin webUI.
Fortinet Fortios
4.3
CVSSv2
CVE-2021-26092
Failure to sanitize input in the SSL VPN web portal of FortiOS 5.2.10 up to and including 5.2.15, 5.4.0 up to and including 5.4.13, 5.6.0 up to and including 5.6.14, 6.0.0 up to and including 6.0.12, 6.2.0 up to and including 6.2.7, 6.4.0 up to and including 6.4.4; and FortiProxy...
Fortinet Fortiproxy
Fortinet Fortiproxy 2.0.0
Fortinet Fortiproxy 2.0.1
Fortinet Fortios
4
CVSSv2
CVE-2019-6693
Use of a hard-coded cryptographic key to cipher sensitive data in FortiOS configuration backup file may allow an attacker with access to the backup file to decipher the sensitive data, via knowledge of the hard-coded key. The aforementioned sensitive data includes users' pas...
Fortinet Fortios
Fortinet Fortios 6.2.0
3 Github repositories
2.9
CVSSv2
CVE-2022-22306
An improper certificate validation vulnerability [CWE-295] in FortiOS 6.0.0 up to and including 6.0.14, 6.2.0 up to and including 6.2.10, 6.4.0 up to and including 6.4.8, 7.0.0 may allow a network adjacent and unauthenticated malicious user to man-in-the-middle the communication ...
Fortinet Fortios 7.0.0
Fortinet Fortios
2.6
CVSSv2
CVE-2019-15703
An Insufficient Entropy in PRNG vulnerability in Fortinet FortiOS 6.2.1, 6.2.0, 6.0.8 and below for device not enable hardware TRNG token and models not support builtin TRNG seed allows malicious user to theoretically recover the long term ECDSA secret in a TLS client with a RSA ...
Fortinet Fortios
2.1
CVSSv2
CVE-2021-32600
An exposure of sensitive information to an unauthorized actor vulnerability in FortiOS CLI 7.0.0, 6.4.0 up to and including 6.4.6, 6.2.0 up to and including 6.2.9, 6.0.x and 5.6.x may allow a local and authenticated user assigned to a specific VDOM to retrieve other VDOMs informa...
Fortinet Fortios 7.0.0
Fortinet Fortios
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »