Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortiadc vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-25607
An improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78 ] in FortiManager 7.2.0 up to and including 7.2.2, 7.0.0 up to and including 7.0.7, 6.4.0 up to and including 6.4.11, 6.2 all versions, 6.0 all versions, ...
Fortinet Fortiadc
Fortinet Fortiadc 7.1.0
Fortinet Fortimanager 7.2.0
Fortinet Fortianalyzer
Fortinet Fortianalyzer 7.2.1
Fortinet Fortimanager 7.2.1
Fortinet Fortimanager
Fortinet Fortianalyzer 7.2.2
Fortinet Fortimanager 7.2.2
NA
CVE-2022-43948
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiWeb version 7.0.0 up to and including 7.0.3, FortiADC version 7.1.0 up to and including 7.1.1, FortiADC version 7.0.0 up to and including 7.0.3, FortiADC 6.2 al...
Fortinet Fortiweb
Fortinet Fortiadc
NA
CVE-2022-43952
An improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability [CWE-79] in FortiADC version 7.1.1 and below, version 7.0.3 and below, version 6.2.5 and below may allow an authenticated malicious user to perform a cross-site scripti...
Fortinet Fortiadc
NA
CVE-2022-35849
An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in the management interface of FortiADC 7.1.0 up to and including 7.1.1, 7.0.0 up to and including 7.0.3, 6.2.0 up to and including 6.2.5 and 6.1.0 all versions may allow an authenticated ...
Fortinet Fortiadc
312
VMScore
CVE-2019-6699
An improper neutralization of input vulnerability in Fortinet FortiADC 5.3.3 and previous versions may allow an malicious user to execute a stored Cross Site Scripting (XSS) via a field in the traffic group interface.
Fortinet Fortiadc
NA
CVE-2022-38374
A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiADC 7.0.0 - 7.0.2 and 6.2.0 - 6.2.4 allows an malicious user to execute unauthorized code or commands via the URL and User fields observed in the traffic and event lo...
Fortinet Fortiadc
2 Github repositories
NA
CVE-2022-38381
An improper handling of malformed request vulnerability [CWE-228] exists in FortiADC 5.0 all versions, 6.0.0 all versions, 6.1.0 all versions, 6.2.0 up to and including 6.2.3, and 7.0.0 up to and including 7.0.2. This may allow a remote attacker without privileges to bypass some ...
Fortinet Fortiadc
NA
CVE-2022-27484
A unverified password change in Fortinet FortiADC version 6.2.0 up to and including 6.2.3, 6.1.x, 6.0.x, 5.x.x allows an authenticated malicious user to bypass the Old Password check in the password change form via a crafted HTTP request.
Fortinet Fortiadc
356
VMScore
CVE-2020-15935
A cleartext storage of sensitive information in GUI in FortiADC versions 5.4.3 and below, 6.0.0 and below may allow a remote authenticated malicious user to retrieve some sensitive information such as users LDAP passwords and RADIUS shared secret by deobfuscating the passwords en...
Fortinet Fortiadc
NA
CVE-2022-35851
An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiADC management interface 7.1.0 may allow a remote and authenticated malicious user to trigger a stored cross site scripting (XSS) attack via configuring a specially crafted IP Address.
Fortinet Fortiadc 7.1.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
remote code execution
CVE-2024-34909
CVE-2024-3317
SSTI
CVE-2024-3400
CVE-2024-30051
wireless
CVE-2024-4622
CVE-2024-4908
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »