Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortios vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2022-42472
A improper neutralization of crlf sequences in http headers ('http response splitting') in Fortinet FortiOS versions 7.2.0 up to and including 7.2.2, 7.0.0 up to and including 7.0.8, 6.4.0 up to and including 6.4.11, 6.2.0 up to and including 6.2.12, 6.0.0 up to and inc...
Fortinet Fortiproxy
Fortinet Fortiproxy 7.2.0
Fortinet Fortiproxy 7.2.1
Fortinet Fortios 7.2.0
Fortinet Fortios
Fortinet Fortios 7.2.1
Fortinet Fortios 7.2.2
8.8
CVSSv3
CVE-2023-41678
A double free in Fortinet FortiOS versions 7.0.0 up to and including 7.0.5, FortiPAM version 1.0.0 up to and including 1.0.3, 1.1.0 up to and including 1.1.1 allows malicious user to execute unauthorized code or commands via specifically crafted request.
Fortinet Fortios 7.0.0
Fortinet Fortios 7.0.1
Fortinet Fortios 7.0.2
Fortinet Fortipam 1.1.0
Fortinet Fortipam 1.0.0
Fortinet Fortipam 1.0.1
Fortinet Fortipam 1.0.2
Fortinet Fortipam 1.0.3
Fortinet Fortipam 1.1.1
Fortinet Fortios 7.0.3
Fortinet Fortios 7.0.4
Fortinet Fortios 7.0.5
1 Article
9.8
CVSSv3
CVE-2022-35843
An authentication bypass by assumed-immutable data vulnerability [CWE-302] in the FortiOS SSH login component 7.2.0, 7.0.0 up to and including 7.0.7, 6.4.0 up to and including 6.4.9, 6.2 all versions, 6.0 all versions and FortiProxy SSH login component 7.0.0 up to and including 7...
Fortinet Fortiproxy
Fortinet Fortios 7.2.0
Fortinet Fortios
Fortinet Fortios 7.2.1
6.1
CVSSv3
CVE-2019-6696
An improper input validation vulnerability in FortiOS 6.2.1, 6.2.0, 6.0.8 and below until 5.4.0 under admin webUI may allow an malicious user to perform an URL redirect attack via a specifically crafted request to the admin initial password change webpage.
Fortinet Fortios
Fortinet Fortios 6.2.0
Fortinet Fortios 6.2.1
4.8
CVSSv3
CVE-2023-47537
An improper certificate validation vulnerability in Fortinet FortiOS 7.0.0 - 7.0.13, 7.2.0 - 7.2.6 and 7.4.0 - 7.4.1 allows a remote and unauthenticated malicious user to perform a Man-in-the-Middle attack on the FortiLink communication channel between the FortiOS device and Fort...
Fortinet Fortios 7.4.0
Fortinet Fortios 7.4.1
Fortinet Fortios
5.9
CVSSv3
CVE-2018-9194
A plaintext recovery of encrypted messages or a Man-in-the-middle (MiTM) attack on RSA PKCS #1 v1.5 encryption may be possible without knowledge of the server's private key. Fortinet FortiOS 5.4.6 to 5.4.9, 6.0.0 and 6.0.1 are vulnerable by such attack under VIP SSL feature ...
Fortinet Fortios 6.0.1
Fortinet Fortios 6.0.0
Fortinet Fortios
5.3
CVSSv3
CVE-2018-13366
An information disclosure vulnerability in Fortinet FortiOS 6.0.1, 5.6.7 and below allows malicious user to reveals serial number of FortiGate via hostname field defined in connection control setup packets of PPTP protocol.
Fortinet Fortios
Fortinet Fortios 6.0.1
Fortinet Fortios 6.0.0
8.8
CVSSv3
CVE-2021-36173
A heap-based buffer overflow in the firmware signature verification function of FortiOS versions 7.0.1, 7.0.0, 6.4.0 up to and including 6.4.6, 6.2.0 up to and including 6.2.9, and 6.0.0 up to and including 6.0.13 may allow an malicious user to execute arbitrary code via speciall...
Fortinet Fortios
Fortinet Fortios 7.0.0
Fortinet Fortios 7.0.1
5.9
CVSSv3
CVE-2018-9192
A plaintext recovery of encrypted messages or a Man-in-the-middle (MiTM) attack on RSA PKCS #1 v1.5 encryption may be possible without knowledge of the server's private key. Fortinet FortiOS 5.4.6 to 5.4.9, 6.0.0 and 6.0.1 are vulnerable by such attack under SSL Deep Inspect...
Fortinet Fortios 6.0.0
Fortinet Fortios 6.0.1
Fortinet Fortios
9.8
CVSSv3
CVE-2023-42789
A out-of-bounds write in Fortinet FortiOS 7.4.0 up to and including 7.4.1, 7.2.0 up to and including 7.2.5, 7.0.0 up to and including 7.0.12, 6.4.0 up to and including 6.4.14, 6.2.0 up to and including 6.2.15, FortiProxy 7.4.0, 7.2.0 up to and including 7.2.6, 7.0.0 up to and inc...
Fortinet Fortios
Fortinet Fortios 7.4.0
Fortinet Fortiproxy
Fortinet Fortiproxy 7.4.0
Fortinet Fortios 7.4.1
2 Articles
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4654
CVE-2023-49606
encryption
NULL pointer dereference
CVE-2024-4439
CVE-2024-4649
race condition
CVE-2024-27202
CVE-2024-34566
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »