Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortios 6.0.0 vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2019-5593
Improper permission or value checking in the CLI console may allow a non-privileged user to obtain Fortinet FortiOS plaint text private keys of system's builtin local certificates via unsetting the keys encryption password in FortiOS 6.2.0, 6.0.0 to 6.0.6, 5.6.10 and below o...
Fortinet Fortios
Fortinet Fortios 6.2.0
8.8
CVSSv3
CVE-2023-36639
A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 up to and including 7.2.4, 7.0.0 up to and including 7.0.10, FortiOS versions 7.4.0, 7.2.0 up to and including 7.2.4, 7.0.0 up to and including 7.0.11, 6.4.0 up to and including 6.4.12, 6.2.0 up to...
Fortinet Fortios
Fortinet Fortiproxy
Fortinet Fortios 7.4.0
Fortinet Fortipam 1.1.0
Fortinet Fortipam
9.8
CVSSv3
CVE-2024-21762
A out-of-bounds write in Fortinet FortiOS versions 7.4.0 up to and including 7.4.2, 7.2.0 up to and including 7.2.6, 7.0.0 up to and including 7.0.13, 6.4.0 up to and including 6.4.14, 6.2.0 up to and including 6.2.15, 6.0.0 up to and including 6.0.17, FortiProxy versions 7.4.0 u...
Fortinet Fortios
Fortinet Fortiproxy
23 Github repositories
4 Articles
6.1
CVSSv3
CVE-2021-43081
An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiOS version 7.0.3 and below, 6.4.8 and below, 6.2.10 and below, 6.0.14 to 6.0.0. and in FortiProxy version 7.0.1 and below, 2.0.7 to 2.0.0 web filter override form may allow an unauthenti...
Fortinet Fortios
Fortinet Fortiproxy
9.8
CVSSv3
CVE-2018-13379
An Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticat...
Fortinet Fortios
2 EDB exploits
21 Github repositories
9 Articles
7.5
CVSSv3
CVE-2018-13381
A buffer overflow vulnerability in Fortinet FortiOS 6.0.0 up to and including 6.0.4, 5.6.0 up to and including 5.6.7, 5.4 and previous versions versions and FortiProxy 2.0.0, 1.2.8 and previous versions versions under SSL VPN web portal allows a non-authenticated malicious user t...
Fortinet Fortiproxy
Fortinet Fortiproxy 2.0.0
Fortinet Fortios
6.1
CVSSv3
CVE-2018-13380
A Cross-site Scripting (XSS) vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.7, 5.4.0 to 5.4.12, 5.2 and below and Fortinet FortiProxy 2.0.0, 1.2.8 and below under SSL VPN web portal allows malicious user to execute unauthorized malicious script code via the error ...
Fortinet Fortios
Fortinet Fortiproxy
Fortinet Fortiproxy 2.0.0
6.5
CVSSv3
CVE-2018-13383
A heap buffer overflow in Fortinet FortiOS 6.0.0 up to and including 6.0.4, 5.6.0 up to and including 5.6.10, 5.4.0 up to and including 5.4.12, 5.2.14 and previous versions and FortiProxy 2.0.0, 1.2.8 and previous versions in the SSL VPN web portal may cause the SSL VPN web servi...
Fortinet Fortiproxy
Fortinet Fortiproxy 2.0.0
Fortinet Fortios
7.2
CVSSv3
CVE-2017-17544
A privilege escalation vulnerability in Fortinet FortiOS 6.0.0 to 6.0.6, 5.6.0 to 5.6.10, 5.4 and below allows admin users to elevate their profile to super_admin via restoring modified configurations.
Fortinet Fortios
8.1
CVSSv3
CVE-2018-9185
An information disclosure vulnerability in Fortinet FortiOS 6.0.0 and below versions reveals user's web portal login credentials in a Javascript file sent to client-side when pages bookmarked in web portal use the Single Sign-On feature.
Fortinet Fortios
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »