Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet vulnerabilities and exploits
(subscribe to this query)
890
VMScore
CVE-2005-3057
The FTP component in FortiGate 2.8 running FortiOS 2.8MR10 and v3beta, and other versions prior to 3.0 MR1, allows remote malicious users to bypass the Fortinet FTP anti-virus engine by sending a STOR command and uploading a file before the FTP server response has been sent, as d...
Fortinet Fortios
Fortinet Fortigate 2.8
837
VMScore
CVE-2016-8491
The presence of a hardcoded account named 'core' in Fortinet FortiWLC allows malicious users to gain unauthorized read/write access via a remote shell.
Fortinet Fortiwlc 8.2-4-0
Fortinet Fortiwlc 7.0-9-1
Fortinet Fortiwlc 7.0-10-0
Fortinet Fortiwlc 8.1-2-0
Fortinet Fortiwlc 8.1-3-2
828
VMScore
CVE-2021-24016
An improper neutralization of formula elements in a csv file in Fortinet FortiManager version 6.4.3 and below, 6.2.7 and below allows malicious user to execute arbitrary commands via crafted IPv4 field in policy name, when exported as excel file and opened unsafely on the victim ...
Fortinet Fortimanager
828
VMScore
CVE-2019-5589
An Unsafe Search Path vulnerability in FortiClient Online Installer (Windows version prior to 6.0.6) may allow an unauthenticated, remote attacker with control over the directory in which FortiClientOnlineInstaller.exe resides to execute arbitrary code on the system via uploading...
Fortinet Forticlient
828
VMScore
CVE-2015-7361
FortiOS 5.2.3, when configured to use High Availability (HA) and the dedicated management interface is enabled, does not require authentication for access to the ZebOS shell on the HA dedicated management interface, which allows remote malicious users to obtain shell access via u...
Fortinet Fortios 5.2.3
828
VMScore
CVE-2008-5531
Fortinet Antivirus 3.113.0.0, when Internet Explorer 6 or 7 is used, allows remote malicious users to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .t...
Fortinet Fortiguard Antivirus 3.113.0.0
801
VMScore
CVE-2021-24009
Multiple improper neutralization of special elements used in an OS command vulnerabilities (CWE-78) in the Web GUI of FortiWAN prior to 4.5.9 may allow an authenticated malicious user to execute arbitrary commands on the underlying system's shell via specifically crafted HTT...
Fortinet Fortiwan
801
VMScore
CVE-2021-43075
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiWLM version 8.6.2 and below, version 8.5.2 and below, version 8.4.2 and below, version 8.3.2 and below allows malicious user to execute unauthorized code or com...
Fortinet Fortiwlm
801
VMScore
CVE-2021-41018
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiWeb version 6.4.1 and below, 6.3.15 and below allows malicious user to execute unauthorized code or commands via crafted HTTP requests.
Fortinet Fortiweb
801
VMScore
CVE-2021-41016
A improper neutralization of special elements used in a command ('command injection') in Fortinet FortiExtender version 7.0.1 and below, 4.2.3 and below, 4.1.7 and below allows an authenticated malicious user to execute privileged shell commands via CLI commands includi...
Fortinet Fortiextender Firmware
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »