Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortiportal vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2017-7343
An open redirect vulnerability in Fortinet FortiPortal 4.0.0 and below allows malicious user to execute unauthorized code or commands via the url parameter.
Fortinet Fortiportal
5.4
CVSSv3
CVE-2023-48783
An Authorization Bypass Through User-Controlled Key vulnerability [CWE-639] affecting PortiPortal version 7.2.1 and below, version 7.0.6 and below, version 6.0.14 and below, version 5.3.8 and below may allow a remote authenticated user with at least read-only permissions to acces...
Fortinet Fortiportal
9.8
CVSSv3
CVE-2021-32588
A use of hard-coded credentials (CWE-798) vulnerability in FortiPortal versions 5.2.5 and below, 5.3.5 and below, 6.0.4 and below, versions 5.1.x and 5.0.x may allow a remote and unauthenticated malicious user to execute unauthorized commands as root by uploading and deploying ma...
Fortinet Fortiportal
8.8
CVSSv3
CVE-2021-32590
Multiple improper neutralization of special elements used in an SQL command vulnerabilities in FortiPortal 6.0.0 up to and including 6.0.4, 5.3.0 up to and including 5.3.5, 5.2.0 up to and including 5.2.5, and 4.2.2 and previous versions may allow an attacker with regular user...
Fortinet Fortiportal
6.5
CVSSv3
CVE-2021-32595
Multiple uncontrolled resource consumption vulnerabilities in the web interface of FortiPortal prior to 6.0.6 may allow a single low-privileged user to induce a denial of service via multiple HTTP requests.
Fortinet Fortiportal
6.1
CVSSv3
CVE-2021-32602
An improper neutralization of input during web page generation vulnerability (CWE-79) in FortiPortal GUI 6.0.4 and below, 5.3.6 and below, 5.2.6 and below, 5.1.2 and below, 5.0.3 and below, 4.2.2 and below, 4.1.2 and below, 4.0.4 and below may allow a remote and unauthenticated m...
Fortinet Fortiportal
4.8
CVSSv3
CVE-2022-41336
An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiPortal versions 6.0.0 up to and including 6.0.11 and all versions of 5.3, 5.2, 5.1, 5.0 management interface may allow a remote authenticated malicious user to perform a stored cross sit...
Fortinet Fortiportal
8.8
CVSSv3
CVE-2023-46712
A improper access control in Fortinet FortiPortal version 7.0.0 up to and including 7.0.6, Fortinet FortiPortal version 7.2.0 up to and including 7.2.1 allows malicious user to escalate its privilege via specifically crafted HTTP requests.
Fortinet Fortiportal
6.7
CVSSv3
CVE-2023-41842
A use of externally-controlled format string vulnerability [CWE-134] in Fortinet FortiManager version 7.4.0 up to and including 7.4.1, version 7.2.0 up to and including 7.2.3 and prior to 7.0.10, Fortinet FortiAnalyzer version 7.4.0 up to and including 7.4.1, version 7.2.0 up to ...
Fortinet Fortianalyzer
Fortinet Fortimanager
Fortinet Fortianalyzer Bigdata
Fortinet Fortianalyzer Bigdata 6.2.5
Fortinet Fortiportal
6.7
CVSSv3
CVE-2021-42757
A buffer overflow [CWE-121] in the TFTP client library of FortiOS prior to 6.4.7 and FortiOS 7.0.0 up to and including 7.0.2, may allow an authenticated local malicious user to achieve arbitrary code execution via specially crafted command line arguments.
Fortinet Fortiweb 6.4.0
Fortinet Fortios
Fortinet Fortiweb 6.4.1
Fortinet Fortiproxy 7.0.0
Fortinet Fortimanager
Fortinet Fortianalyzer
Fortinet Fortiproxy 7.0.1
Fortinet Fortimail
Fortinet Fortios-6k7k 6.4.6
Fortinet Fortios-6k7k 6.4.2
Fortinet Fortiweb
Fortinet Fortiproxy
Fortinet Fortindr
Fortinet Fortiswitch
Fortinet Fortirecorder Firmware
Fortinet Fortios-6k7k
Fortinet Fortiadc
Fortinet Fortiportal
Fortinet Fortivoice
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3