Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet vulnerabilities and exploits
(subscribe to this query)
801
VMScore
CVE-2021-36195
Multiple command injection vulnerabilities in the command line interpreter of FortiWeb versions 6.4.1, 6.4.0, 6.3.0 up to and including 6.3.15, 6.2.0 up to and including 6.2.6, and 6.1.0 up to and including 6.1.2 may allow an authenticated malicious user to execute arbitrary comm...
Fortinet Fortiweb 6.1.0
Fortinet Fortiweb 6.1.1
Fortinet Fortiweb 6.1.2
Fortinet Fortiweb
Fortinet Fortiweb 6.4.0
Fortinet Fortiweb 6.4.1
1 Article
801
VMScore
CVE-2021-42758
An improper access control vulnerability [CWE-284] in FortiWLC 8.6.1 and below may allow an authenticated and remote attacker with low privileges to execute any command as an admin user with full access rights via bypassing the GUI restrictions.
Fortinet Fortiwlc 8.0.5
Fortinet Fortiwlc 8.0.6
Fortinet Fortiwlc 8.1.2
Fortinet Fortiwlc 8.1.3
Fortinet Fortiwlc
Fortinet Fortiwlc 8.4.0
Fortinet Fortiwlc 8.4.1
Fortinet Fortiwlc 8.4.2
Fortinet Fortiwlc 8.4.4
Fortinet Fortiwlc 8.4.5
Fortinet Fortiwlc 8.4.6
Fortinet Fortiwlc 8.4.7
Fortinet Fortiwlc 8.4.8
Fortinet Fortiwlc 8.6.0
Fortinet Fortiwlc 8.6.1
801
VMScore
CVE-2021-32590
Multiple improper neutralization of special elements used in an SQL command vulnerabilities in FortiPortal 6.0.0 up to and including 6.0.4, 5.3.0 up to and including 5.3.5, 5.2.0 up to and including 5.2.5, and 4.2.2 and previous versions may allow an attacker with regular user...
Fortinet Fortiportal
801
VMScore
CVE-2021-22125
An instance of improper neutralization of special elements in the sniffer module of FortiSandbox prior to 3.2.2 may allow an authenticated administrator to execute commands on the underlying system's shell via altering the content of its configuration file.
Fortinet Fortisandbox
801
VMScore
CVE-2021-24023
An improper input validation in FortiAI v1.4.0 and previous versions may allow an authenticated user to gain system shell access via a malicious payload in the "diagnose" command.
Fortinet Fortiai Firmware
801
VMScore
CVE-2021-22123
An OS command injection vulnerability in FortiWeb's management interface 6.3.7 and below, 6.2.3 and below, 6.1.x, 6.0.x, 5.9.x may allow a remote authenticated malicious user to execute arbitrary commands on the system via the SAML server configuration page.
Fortinet Fortiweb
1 Github repository
801
VMScore
CVE-2021-24011
A privilege escalation vulnerability in FortiNAC version below 8.8.2 may allow an admin user to escalate the privileges to root by abusing the sudo privileges.
Fortinet Fortinac
801
VMScore
CVE-2020-29017
An OS command injection vulnerability in FortiDeceptor 3.1.0, 3.0.1, 3.0.0 may allow a remote authenticated malicious user to execute arbitrary commands on the system by exploiting a command injection vulnerability on the Customization page.
Fortinet Fortideceptor 3.0.0
Fortinet Fortideceptor 3.0.1
Fortinet Fortideceptor 3.1.0
801
VMScore
CVE-2014-2721
In FortiBalancer 400, 1000, 2000 and 3000, a platform-specific remote access vulnerability has been discovered that may allow a remote user to gain privileged access to affected systems using SSH. The vulnerability is caused by a configuration error, and is not the result of an u...
Fortinet Fortibalancer 400 Firmware
Fortinet Fortibalancer 1000 Firmware
Fortinet Fortibalancer 2000 Firmware
Fortinet Fortibalancer 3000 Firmware
801
VMScore
CVE-2014-2722
In FortiBalancer 400, 1000, 2000 and 3000, a platform-specific remote access vulnerability has been discovered that may allow a remote user to gain privileged access to affected systems using SSH. The vulnerability is caused by a configuration error, and is not the result of an u...
Fortinet Fortibalancer 400 Firmware
Fortinet Fortibalancer 1000 Firmware
Fortinet Fortibalancer 2000 Firmware
Fortinet Fortibalancer 3000 Firmware
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »