Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortiweb vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2023-23779
Multiple improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerabilities [CWE-78] in FortiWeb version 7.0.1 and below, 6.4 all versions, version 6.3.19 and below may allow an authenticated malicious user to execute unauthorized...
Fortinet Fortiweb 6.4.0
Fortinet Fortiweb 6.4.1
Fortinet Fortiweb 6.4.2
Fortinet Fortiweb 7.0.0
Fortinet Fortiweb 7.0.1
Fortinet Fortiweb
8.8
CVSSv3
CVE-2023-23780
A stack-based buffer overflow in Fortinet FortiWeb version 7.0.0 up to and including 7.0.1, Fortinet FortiWeb version 6.3.6 up to and including 6.3.19, Fortinet FortiWeb 6.4 all versions allows malicious user to escalation of privilege via specifically crafted HTTP requests.
Fortinet Fortiweb
8.8
CVSSv3
CVE-2023-23781
A stack-based buffer overflow vulnerability [CWE-121] in FortiWeb version 7.0.1 and below, 6.4 all versions, version 6.3.19 and below SAML server configuration may allow an authenticated malicious user to achieve arbitrary code execution via specifically crafted XML files.
Fortinet Fortiweb
7.8
CVSSv3
CVE-2023-23782
A heap-based buffer overflow in Fortinet FortiWeb version 7.0.0 up to and including 7.0.1, FortiWeb version 6.3.0 up to and including 6.3.19, FortiWeb 6.4 all versions, FortiWeb 6.2 all versions, FortiWeb 6.1 all versions allows malicious user to escalation of privilege via speci...
Fortinet Fortiweb
7.8
CVSSv3
CVE-2023-23783
A use of externally-controlled format string in Fortinet FortiWeb version 7.0.0 up to and including 7.0.1, FortiWeb 6.4 all versions allows malicious user to execute unauthorized code or commands via specially crafted command arguments.
Fortinet Fortiweb
6.5
CVSSv3
CVE-2023-23784
A relative path traversal in Fortinet FortiWeb version 7.0.0 up to and including 7.0.2, FortiWeb version 6.3.6 up to and including 6.3.20, FortiWeb 6.4 all versions allows malicious user to information disclosure via specially crafted web requests.
Fortinet Fortiweb
7.8
CVSSv3
CVE-2023-25602
A stack-based buffer overflow in Fortinet FortiWeb 6.4 all versions, FortiWeb versions 6.3.17 and previous versions, FortiWeb versions 6.2.6 and previous versions, FortiWeb versions 6.1.2 and previous versions, FortiWeb versions 6.0.7 and previous versions, FortiWeb versions 5.9....
Fortinet Fortiweb
9.8
CVSSv3
CVE-2021-42756
Multiple stack-based buffer overflow vulnerabilities [CWE-121] in the proxy daemon of FortiWeb 5.x all versions, 6.0.7 and below, 6.1.2 and below, 6.2.6 and below, 6.3.16 and below, 6.4 all versions may allow an unauthenticated remote malicious user to achieve arbitrary code exec...
Fortinet Fortiweb
1 Github repository
4.3
CVSSv3
CVE-2021-43074
An improper verification of cryptographic signature vulnerability [CWE-347] in FortiWeb 6.4 all versions, 6.3.16 and below, 6.2 all versions, 6.1 all versions, 6.0 all versions; FortiOS 7.0.3 and below, 6.4.8 and below, 6.2 all versions, 6.0 all versions; FortiSwitch 7.0.3 and be...
Fortinet Fortios
Fortinet Fortiproxy
Fortinet Fortiswitch
Fortinet Fortiweb
6.5
CVSSv3
CVE-2022-30300
A relative path traversal vulnerability [CWE-23] in FortiWeb 7.0.0 up to and including 7.0.1, 6.3.6 up to and including 6.3.18, 6.4 all versions may allow an authenticated malicious user to obtain unauthorized access to files and data via specifically crafted HTTP GET requests.
Fortinet Fortiweb 6.4.0
Fortinet Fortiweb 6.4.1
Fortinet Fortiweb 6.4.2
Fortinet Fortiweb 7.0.0
Fortinet Fortiweb 7.0.1
Fortinet Fortiweb
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »