Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2021-43074
An improper verification of cryptographic signature vulnerability [CWE-347] in FortiWeb 6.4 all versions, 6.3.16 and below, 6.2 all versions, 6.1 all versions, 6.0 all versions; FortiOS 7.0.3 and below, 6.4.8 and below, 6.2 all versions, 6.0 all versions; FortiSwitch 7.0.3 and be...
Fortinet Fortios
Fortinet Fortiproxy
Fortinet Fortiswitch
Fortinet Fortiweb
9
CVSSv2
CVE-2014-2722
In FortiBalancer 400, 1000, 2000 and 3000, a platform-specific remote access vulnerability has been discovered that may allow a remote user to gain privileged access to affected systems using SSH. The vulnerability is caused by a configuration error, and is not the result of an u...
Fortinet Fortibalancer 400 Firmware
Fortinet Fortibalancer 1000 Firmware
Fortinet Fortibalancer 2000 Firmware
Fortinet Fortibalancer 3000 Firmware
NA
CVE-2021-43072
A buffer copy without checking size of input ('classic buffer overflow') in Fortinet FortiAnalyzer version 7.0.2 and below, version 6.4.7 and below, version 6.2.9 and below, version 6.0.11 and below, version 5.6.11 and below, FortiManager version 7.0.2 and below, versio...
Fortinet Fortianalyzer
Fortinet Fortimanager
Fortinet Fortios
Fortinet Fortiproxy
NA
CVE-2022-27490
A exposure of sensitive information to an unauthorized actor in Fortinet FortiManager version 6.0.0 up to and including 6.0.4, FortiAnalyzer version 6.0.0 up to and including 6.0.4, FortiPortal version 6.0.0 up to and including 6.0.9, 5.3.0 up to and including 5.3.8, 5.2.x, 5.1.0...
Fortinet Fortiportal
Fortinet Fortimanager
Fortinet Fortianalyzer
Fortinet Fortiswitch
NA
CVE-2021-22131
A improper validation of certificate with host mismatch in Fortinet FortiTokenAndroid version 5.0.3 and below, Fortinet FortiTokeniOS version 5.2.0 and below, Fortinet FortiTokenWinApp version 4.0.3 and below allows malicious user to retrieve information disclosed via man-in-the-...
Fortinet Fortitoken Mobile 5.0.3
Fortinet Fortitoken Mobile 5.0.2
Fortinet Fortitoken Mobile 4.5.0
Fortinet Fortitoken Mobile 4.4.0
Fortinet Fortitoken Mobile 4.3.0
Fortinet Fortitoken Mobile 4.2.2
Fortinet Fortitoken Mobile 4.2.1
Fortinet Fortitoken Mobile 4.1.1
Fortinet Fortitoken Mobile 4.0.1
Fortinet Fortitoken Mobile 4.0.3
Fortinet Fortitoken Mobile 3.0.1
Fortinet Fortitoken Mobile 3.0.0
Fortinet Fortitoken Mobile 5.2.0
Fortinet Fortitoken Mobile 4.2.0
Fortinet Fortitoken Mobile 4.1.0
Fortinet Fortitoken Mobile 3.0.5
Fortinet Fortitoken Mobile 3.0.4
Fortinet Fortitoken Mobile 3.0.3
Fortinet Fortitoken Mobile 3.0.2
Fortinet Fortitoken Mobile 4.0.0
Fortinet Fortitoken Mobile 0.4.20
Fortinet Fortitoken Mobile 0.4.10
NA
CVE-2022-30299
A path traversal vulnerability [CWE-23] in the API of FortiWeb 7.0.0 up to and including 7.0.1, 6.3.0 up to and including 6.3.19, 6.4 all versions, 6.2 all versions, 6.1 all versions, 6.0 all versions may allow an authenticated malicious user to retrieve specific parts of files f...
Fortinet Fortiweb 6.4.0
Fortinet Fortiweb 6.4.1
Fortinet Fortiweb 6.4.2
Fortinet Fortiweb 7.0.0
Fortinet Fortiweb 7.0.1
Fortinet Fortiweb
4.3
CVSSv2
CVE-2014-8618
Cross-site scripting (XSS) vulnerability in the theme login page in Fortinet FortiADC D models prior to 4.2 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Fortinet Fortiadc Firmware
Fortinet Fortiadc-700d -
Fortinet Fortiadc-200d -
Fortinet Fortiadc-1500d -
Fortinet Fortiadc-2000d -
Fortinet Fortiadc-4000d -
NA
CVE-2023-41673
An improper authorization vulnerability [CWE-285] in Fortinet FortiADC version 7.4.0 and prior to 7.2.2 may allow a low privileged user to read or backup the full system configuration via HTTP or HTTPS requests.
Fortinet Fortiadc
Fortinet Fortiadc 7.1.0
Fortinet Fortiadc 7.2.0
Fortinet Fortiadc 7.1.1
Fortinet Fortiadc 7.1.2
Fortinet Fortiadc 7.4.0
NA
CVE-2022-33871
A stack-based buffer overflow vulnerability [CWE-121] in FortiWeb version 7.0.1 and previous versions, 6.4 all versions, version 6.3.19 and previous versions may allow a privileged malicious user to execute arbitrary code or commands via specifically crafted CLI `execute backup-l...
Fortinet Fortiweb 6.4.0
Fortinet Fortiweb 6.4.1
Fortinet Fortiweb 6.4.2
Fortinet Fortiweb 7.0.0
Fortinet Fortiweb 7.0.1
Fortinet Fortiweb
NA
CVE-2023-23778
A relative path traversal vulnerability [CWE-23] in FortiWeb version 7.0.1 and below, 6.4 all versions, 6.3 all versions, 6.2 all versions may allow an authenticated user to obtain unauthorized access to files and data via specifically crafted web requests.
Fortinet Fortiweb 6.4.0
Fortinet Fortiweb 6.4.1
Fortinet Fortiweb 6.4.2
Fortinet Fortiweb 7.0.0
Fortinet Fortiweb 7.0.1
Fortinet Fortiweb
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »