Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortios vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2023-47536
An improper access control vulnerability [CWE-284] in FortiOS version 7.2.0, version 7.0.13 and below, version 6.4.14 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below may allow a remote unauthenticated malicious user to bypass th...
Fortinet Fortios 7.2.0
Fortinet Fortiproxy
Fortinet Fortios
8.8
CVSSv3
CVE-2023-41678
A double free in Fortinet FortiOS versions 7.0.0 up to and including 7.0.5, FortiPAM version 1.0.0 up to and including 1.0.3, 1.1.0 up to and including 1.1.1 allows malicious user to execute unauthorized code or commands via specifically crafted request.
Fortinet Fortios 7.0.0
Fortinet Fortios 7.0.1
Fortinet Fortios 7.0.2
Fortinet Fortipam 1.1.0
Fortinet Fortipam 1.0.0
Fortinet Fortipam 1.0.1
Fortinet Fortipam 1.0.2
Fortinet Fortipam 1.0.3
Fortinet Fortipam 1.1.1
Fortinet Fortios 7.0.3
Fortinet Fortios 7.0.4
Fortinet Fortios 7.0.5
1 Article
8.8
CVSSv3
CVE-2023-36639
A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 up to and including 7.2.4, 7.0.0 up to and including 7.0.10, FortiOS versions 7.4.0, 7.2.0 up to and including 7.2.4, 7.0.0 up to and including 7.0.11, 6.4.0 up to and including 6.4.12, 6.2.0 up to...
Fortinet Fortios
Fortinet Fortiproxy
Fortinet Fortios 7.4.0
Fortinet Fortipam 1.1.0
Fortinet Fortipam
6.7
CVSSv3
CVE-2023-28002
An improper validation of integrity check value vulnerability [CWE-354] in FortiOS 7.2.0 up to and including 7.2.3, 7.0.0 up to and including 7.0.12, 6.4 all versions, 6.2 all versions, 6.0 all versions and FortiProxy 7.2 all versions, 7.0 all versions, 2.0 all versions VMs may a...
Fortinet Fortios
Fortinet Fortiproxy
6.5
CVSSv3
CVE-2023-36641
A numeric truncation error in Fortinet FortiProxy version 7.2.0 up to and including 7.2.4, FortiProxy version 7.0.0 up to and including 7.0.10, FortiProxy 2.0 all versions, FortiProxy 1.2 all versions, FortiProxy 1.1, all versions, FortiProxy 1.0 all versions, FortiOS version 7.4...
Fortinet Fortiproxy
Fortinet Fortios
7.5
CVSSv3
CVE-2023-37935
A use of GET request method with sensitive query strings vulnerability in Fortinet FortiOS 7.0.0 - 7.0.12, 7.2.0 - 7.2.5 and 7.4.0 allows an malicious user to view plaintext passwords of remote services such as RDP or VNC, if the attacker is able to read the GET requests to those...
Fortinet Fortios
Fortinet Fortios 7.4.0
4.3
CVSSv3
CVE-2023-33301
An improper access control vulnerability in Fortinet FortiOS 7.2.0 - 7.2.4 and 7.4.0 allows an malicious user to access a restricted resource from a non trusted host.
Fortinet Fortios
Fortinet Fortios 7.4.0
5.3
CVSSv3
CVE-2023-41675
A use after free vulnerability [CWE-416] in FortiOS version 7.2.0 up to and including 7.2.4 and version 7.0.0 up to and including 7.0.10 and FortiProxy version 7.2.0 up to and including 7.2.2 and version 7.0.0 up to and including 7.0.8 may allow an unauthenticated remote maliciou...
Fortinet Fortiproxy 7.2.0
Fortinet Fortiproxy 7.2.1
Fortinet Fortiproxy
Fortinet Fortios
Fortinet Fortiproxy 7.2.2
8.8
CVSSv3
CVE-2023-41841
An improper authorization vulnerability in Fortinet FortiOS 7.0.0 - 7.0.11 and 7.2.0 - 7.2.4 allows an attacker belonging to the prof-admin profile to perform elevated actions.
Fortinet Fortios
5.4
CVSSv3
CVE-2023-36555
An improper neutralization of script-related html tags in a web page (basic xss) in Fortinet FortiOS 7.2.0 - 7.2.4 allows an malicious user to execute unauthorized code or commands via the SAML and Security Fabric components.
Fortinet Fortios
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »