Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortitester vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-33872
An improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerabilities [CWE-78] in Telnet login components of FortiTester 2.3.0 up to and including 3.9.1, 4.0.0 up to and including 4.2.0, 7.0.0 up to and including 7.1.0 may allow a...
Fortinet Fortitester
9.8
CVSSv3
CVE-2022-33873
An improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerabilities [CWE-78] in Console login components of FortiTester 2.3.0 up to and including 3.9.1, 4.0.0 up to and including 4.2.0, 7.0.0 up to and including 7.1.0 may allow ...
Fortinet Fortitester
9.8
CVSSv3
CVE-2022-33874
An improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerabilities [CWE-78] in SSH login components of FortiTester 2.3.0 up to and including 3.9.1, 4.0.0 up to and including 4.2.0, 7.0.0 up to and including 7.1.0 may allow an u...
Fortinet Fortitester
9.8
CVSSv3
CVE-2022-35846
An improper restriction of excessive authentication attempts vulnerability [CWE-307] in FortiTester Telnet port 2.3.0 up to and including 3.9.1, 4.0.0 up to and including 4.2.0, 7.0.0 up to and including 7.1.0 may allow an unauthenticated malicious user to guess the credentials o...
Fortinet Fortitester
8.8
CVSSv3
CVE-2022-35845
Multiple improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerabilities [CWE-78] in FortiTester 7.1.0, 7.0 all versions, 4.0.0 up to and including 4.2.0, 2.3.0 up to and including 3.9.1 may allow an authenticated malicious use...
Fortinet Fortitester
Fortinet Fortitester 7.0.0
Fortinet Fortitester 7.1.0
Fortinet Fortitester 4.0.0
Fortinet Fortitester 4.1.0
Fortinet Fortitester 4.1.1
Fortinet Fortitester 4.2.0
8.8
CVSSv3
CVE-2020-12817
An improper neutralization of input vulnerability in FortiAnalyzer prior to 6.4.1 and 6.2.5 may allow a remote authenticated malicious user to inject script related HTML tags via Name parameter of Storage Connectors.
Fortinet Fortianalyzer 6.2.5
Fortinet Fortianalyzer 6.4.0
Fortinet Fortianalyzer 6.4.1
Fortinet Fortitester
Fortinet Fortitester 3.8.0
7.8
CVSSv3
CVE-2023-40716
An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in the command line interpreter of FortiTester 2.3.0 up to and including 7.2.3 may allow an authenticated malicious user to execute unauthorized commands via specifically crafted arguments...
Fortinet Fortitester 3.8.0
Fortinet Fortitester 7.0.0
Fortinet Fortitester 7.1.0
Fortinet Fortitester 3.0.0
Fortinet Fortitester 3.1.0
Fortinet Fortitester 3.2.0
Fortinet Fortitester 3.3.1
Fortinet Fortitester 3.3.0
Fortinet Fortitester 3.4.0
Fortinet Fortitester 3.5.0
Fortinet Fortitester 3.5.1
Fortinet Fortitester 3.6.0
Fortinet Fortitester 3.7.0
Fortinet Fortitester 3.7.1
Fortinet Fortitester 3.9.0
Fortinet Fortitester 3.9.1
Fortinet Fortitester 4.0.0
Fortinet Fortitester 4.1.0
Fortinet Fortitester 4.1.1
Fortinet Fortitester 4.2.0
Fortinet Fortitester 7.2.1
Fortinet Fortitester 7.2.2
7.8
CVSSv3
CVE-2023-36642
An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in the management interface of FortiTester 3.0.0 up to and including 7.2.3 may allow an authenticated malicious user to execute unauthorized commands via specifically crafted arguments to ...
Fortinet Fortitester
7.8
CVSSv3
CVE-2023-40717
A use of hard-coded credentials vulnerability [CWE-798] in FortiTester 2.3.0 up to and including 7.2.3 may allow an attacker who managed to get a shell on the device to access the database via shell commands.
Fortinet Fortitester
7.8
CVSSv3
CVE-2022-33870
An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in the command line interpreter of FortiTester 3.0.0 up to and including 3.9.1, 4.0.0 up to and including 4.2.0, 7.0.0 up to and including 7.1.0 may allow an authenticated malicious user t...
Fortinet Fortitester 3.8.0
Fortinet Fortitester 7.0.0
Fortinet Fortitester 7.1.0
Fortinet Fortitester 3.0.0
Fortinet Fortitester 3.1.0
Fortinet Fortitester 3.2.0
Fortinet Fortitester 3.3.1
Fortinet Fortitester 3.3.0
Fortinet Fortitester 3.4.0
Fortinet Fortitester 3.5.0
Fortinet Fortitester 3.5.1
Fortinet Fortitester 3.6.0
Fortinet Fortitester 3.7.0
Fortinet Fortitester 3.7.1
Fortinet Fortitester 3.9.0
Fortinet Fortitester 3.9.1
Fortinet Fortitester 4.0.0
Fortinet Fortitester 4.1.0
Fortinet Fortitester 4.1.1
Fortinet Fortitester 4.2.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »