Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortios vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2018-1352
A format string vulnerability in Fortinet FortiOS 5.6.0 allows malicious user to execute unauthorized code or commands via the SSH username variable.
Fortinet Fortios 5.6.0
7.5
CVSSv2
CVE-2014-2216
The FortiManager protocol service in Fortinet FortiOS prior to 4.3.16 and 5.0.0 prior to 5.0.8 on FortiGate devices allows remote malicious users to cause a denial of service and possibly execute arbitrary code via a crafted request.
Fortinet Fortios 5.0.4
Fortinet Fortios 5.0.5
Fortinet Fortios 4.3.10
Fortinet Fortios 5.0.0
Fortinet Fortios 5.0.3
Fortinet Fortios 4.3.13
Fortinet Fortios 4.3.12
Fortinet Fortios
Fortinet Fortios 4.3.14
Fortinet Fortios 5.0.6
Fortinet Fortios 5.0.7
7.5
CVSSv2
CVE-2005-3058
Interpretation conflict in Fortinet FortiGate 2.8, running FortiOS 2.8MR10 and v3beta, allows remote malicious users to bypass the URL blocker via an (1) HTTP request terminated with a line feed (LF) and not carriage return line feed (CRLF) or (2) HTTP request with no Host field,...
Fortinet Fortios
Fortinet Fortigate 2.8
1 EDB exploit
7.5
CVSSv2
CVE-2005-1837
Fortinet firewall running FortiOS 2.x contains a hardcoded username with the password set to the serial number, which allows local users with console access to gain privileges.
Fortinet Fortinet Firewall
7.2
CVSSv2
CVE-2017-14187
A local privilege escalation and local code execution vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.8, and 5.2 and below versions allows malicious user to execute unauthorized binary program contained on an USB drive plugged into a FortiGate via linking the afore...
Fortinet Fortios
6.8
CVSSv2
CVE-2021-36173
A heap-based buffer overflow in the firmware signature verification function of FortiOS versions 7.0.1, 7.0.0, 6.4.0 up to and including 6.4.6, 6.2.0 up to and including 6.2.9, and 6.0.0 up to and including 6.0.13 may allow an malicious user to execute arbitrary code via speciall...
Fortinet Fortios
Fortinet Fortios 7.0.0
Fortinet Fortios 7.0.1
6.6
CVSSv2
CVE-2021-36169
A Hidden Functionality in Fortinet FortiOS 7.x prior to 7.0.1, FortiOS 6.4.x prior to 6.4.7 allows malicious user to Execute unauthorized code or commands via specific hex read/write operations.
Fortinet Fortios 7.0.0
Fortinet Fortios
6.5
CVSSv2
CVE-2018-13371
An external control of system vulnerability in FortiOS may allow an authenticated, regular user to change the routing settings of the device via connecting to the ZebOS component.
Fortinet Fortios
6.5
CVSSv2
CVE-2013-4604
Fortinet FortiOS prior to 5.0.3 on FortiGate devices does not properly restrict Guest capabilities, which allows remote authenticated users to read, modify, or delete the records of arbitrary users by leveraging the Guest role.
Fortinet Fortios 5.0.1
Fortinet Fortios
6.4
CVSSv2
CVE-2015-2323
FortiOS 5.0.x prior to 5.0.12 and 5.2.x prior to 5.2.4 supports anonymous, export, RC4, and possibly other weak ciphers when using TLS to connect to FortiGuard servers, which allows man-in-the-middle malicious users to spoof TLS content by modifying packets.
Fortinet Fortios 5.0.5
Fortinet Fortios 5.0.6
Fortinet Fortios 5.2.1
Fortinet Fortios 5.2.2
Fortinet Fortios 5.0.2
Fortinet Fortios 5.0.3
Fortinet Fortios 5.0.4
Fortinet Fortios 5.0.11
Fortinet Fortios 5.2.0
Fortinet Fortios 5.0.7
Fortinet Fortios 5.0.8
Fortinet Fortios 5.2.3
Fortinet Fortios 5.0.0
Fortinet Fortios 5.0.1
Fortinet Fortios 5.0.9
Fortinet Fortios 5.0.10
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »