Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortinac vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2023-26206
An improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiNAC 9.4.0 - 9.4.2, 9.2.0 - 9.2.8, 9.1.0 - 9.1.10 and 7.2.0 allows an malicious user to execute unauthorized code or commands via the name fields observed in the poli...
Fortinet Fortinac
Fortinet Fortinac 7.2.0
6.1
CVSSv3
CVE-2022-38376
Multiple improper neutralization of input during web page generation ('Cross-site Scripting') vulnerabilities [CWE-79] in Fortinet FortiNAC portal UI prior to 9.4.1 allows an malicious user to perform an XSS attack via crafted HTTP requests.
Fortinet Fortinac 8.3.7
Fortinet Fortinac
6.1
CVSSv3
CVE-2020-12816
An improper neutralization of input vulnerability in FortiNAC prior to 8.7.2 may allow a remote authenticated malicious user to perform a stored cross site scripting attack (XSS) via the UserID of Admin Users.
Fortinet Fortinac
6.1
CVSSv3
CVE-2019-5594
An Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") in Fortinet FortiNAC 8.3.0 to 8.3.6 and 8.5.0 admin webUI may allow an unauthenticated malicious user to perform a reflected XSS attack via the search field in the webUI.
Fortinet Fortinac 8.5.0
Fortinet Fortinac
5.4
CVSSv3
CVE-2022-40676
A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiNAC versions 9.4.0, 9.2.0 up to and including 9.2.5, 9.1.0 up to and including 9.1.8, 8.8.0 up to and including 8.8.11, 8.7.0 up to and including 8.7.6, 8.6.0 up to a...
Fortinet Fortinac
Fortinet Fortinac 8.3.7
Fortinet Fortinac 9.4.0
5.4
CVSSv3
CVE-2023-22638
Several improper neutralization of inputs during web page generation vulnerability [CWE-79] in FortiNAC 9.4.1 and below, 9.2.6 and below, 9.1.8 and below, 8.8.11 and below, 8.7.6 and below, 8.6.5 and below, 8.5.4 and below, 8.3.7 and below may allow an authenticated malicious use...
Fortinet Fortinac
Fortinet Fortinac 8.3.7
Fortinet Fortinac 9.4.0
Fortinet Fortinac 9.4.1
4.7
CVSSv3
CVE-2022-43950
A URL redirection to untrusted site ('Open Redirect') vulnerability [CWE-601] in FortiNAC-F version 7.2.0, FortiNAC version 9.4.1 and below, 9.2 all versions, 9.1 all versions, 8.8 all versions, 8.7 all versions may allow an unauthenticated malicious user to redirect us...
Fortinet Fortinac
Fortinet Fortinac-f 7.2.0
4.4
CVSSv3
CVE-2022-45859
An insufficiently protected credentials vulnerability [CWE-522] in FortiNAC-F 7.2.0, FortiNAC 9.4.1 and below, 9.2.6 and below, 9.1.8 and below, 8.8.0 all versions, 8.7.0 all versions may allow a local attacker with system access to retrieve users' passwords.
Fortinet Fortinac
Fortinet Fortinac-f 7.2.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5274
CVE-2024-35388
CVE-2024-35396
elevation of privilege
CVE-2021-47544
file upload
CVE-2021-47545
memory leak
CVE-2024-4956
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3