Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortiadc vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2022-43948
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiWeb version 7.0.0 up to and including 7.0.3, FortiADC version 7.1.0 up to and including 7.1.1, FortiADC version 7.0.0 up to and including 7.0.3, FortiADC 6.2 al...
Fortinet Fortiweb
Fortinet Fortiadc
7.8
CVSSv3
CVE-2023-25607
An improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78 ] in FortiManager 7.2.0 up to and including 7.2.2, 7.0.0 up to and including 7.0.7, 6.4.0 up to and including 6.4.11, 6.2 all versions, 6.0 all versions, ...
Fortinet Fortiadc
Fortinet Fortiadc 7.1.0
Fortinet Fortimanager 7.2.0
Fortinet Fortianalyzer
Fortinet Fortianalyzer 7.2.1
Fortinet Fortimanager 7.2.1
Fortinet Fortimanager
Fortinet Fortianalyzer 7.2.2
Fortinet Fortimanager 7.2.2
4.3
CVSSv3
CVE-2020-15935
A cleartext storage of sensitive information in GUI in FortiADC versions 5.4.3 and below, 6.0.0 and below may allow a remote authenticated malicious user to retrieve some sensitive information such as users LDAP passwords and RADIUS shared secret by deobfuscating the passwords en...
Fortinet Fortiadc
5.4
CVSSv3
CVE-2019-6699
An improper neutralization of input vulnerability in Fortinet FortiADC 5.3.3 and previous versions may allow an malicious user to execute a stored Cross Site Scripting (XSS) via a field in the traffic group interface.
Fortinet Fortiadc
5.4
CVSSv3
CVE-2022-43952
An improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability [CWE-79] in FortiADC version 7.1.1 and below, version 7.0.3 and below, version 6.2.5 and below may allow an authenticated malicious user to perform a cross-site scripti...
Fortinet Fortiadc
8.8
CVSSv3
CVE-2022-35849
An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in the management interface of FortiADC 7.1.0 up to and including 7.1.1, 7.0.0 up to and including 7.0.3, 6.2.0 up to and including 6.2.5 and 6.1.0 all versions may allow an authenticated ...
Fortinet Fortiadc
4.3
CVSSv3
CVE-2022-27484
A unverified password change in Fortinet FortiADC version 6.2.0 up to and including 6.2.3, 6.1.x, 6.0.x, 5.x.x allows an authenticated malicious user to bypass the Old Password check in the password change form via a crafted HTTP request.
Fortinet Fortiadc
6.1
CVSSv3
CVE-2022-38374
A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiADC 7.0.0 - 7.0.2 and 6.2.0 - 6.2.4 allows an malicious user to execute unauthorized code or commands via the URL and User fields observed in the traffic and event lo...
Fortinet Fortiadc
2 Github repositories
9.8
CVSSv3
CVE-2022-38381
An improper handling of malformed request vulnerability [CWE-228] exists in FortiADC 5.0 all versions, 6.0.0 all versions, 6.1.0 all versions, 6.2.0 up to and including 6.2.3, and 7.0.0 up to and including 7.0.2. This may allow a remote attacker without privileges to bypass some ...
Fortinet Fortiadc
5.4
CVSSv3
CVE-2022-35851
An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiADC management interface 7.1.0 may allow a remote and authenticated malicious user to trigger a stored cross site scripting (XSS) attack via configuring a specially crafted IP Address.
Fortinet Fortiadc 7.1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »