Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortiweb vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-23783
A use of externally-controlled format string in Fortinet FortiWeb version 7.0.0 up to and including 7.0.1, FortiWeb 6.4 all versions allows malicious user to execute unauthorized code or commands via specially crafted command arguments.
Fortinet Fortiweb
NA
CVE-2023-23784
A relative path traversal in Fortinet FortiWeb version 7.0.0 up to and including 7.0.2, FortiWeb version 6.3.6 up to and including 6.3.20, FortiWeb 6.4 all versions allows malicious user to information disclosure via specially crafted web requests.
Fortinet Fortiweb
NA
CVE-2022-33871
A stack-based buffer overflow vulnerability [CWE-121] in FortiWeb version 7.0.1 and previous versions, 6.4 all versions, version 6.3.19 and previous versions may allow a privileged malicious user to execute arbitrary code or commands via specifically crafted CLI `execute backup-l...
Fortinet Fortiweb 6.4.0
Fortinet Fortiweb 6.4.1
Fortinet Fortiweb 6.4.2
Fortinet Fortiweb 7.0.0
Fortinet Fortiweb 7.0.1
Fortinet Fortiweb
NA
CVE-2021-42761
A condition for session fixation vulnerability [CWE-384] in the session management of FortiWeb versions 6.4 all versions, 6.3.0 up to and including 6.3.16, 6.2.0 up to and including 6.2.6, 6.1.0 up to and including 6.1.2, 6.0.0 up to and including 6.0.7, 5.9.0 up to and including...
Fortinet Fortiweb
NA
CVE-2023-25602
A stack-based buffer overflow in Fortinet FortiWeb 6.4 all versions, FortiWeb versions 6.3.17 and previous versions, FortiWeb versions 6.2.6 and previous versions, FortiWeb versions 6.1.2 and previous versions, FortiWeb versions 6.0.7 and previous versions, FortiWeb versions 5.9....
Fortinet Fortiweb
NA
CVE-2021-42756
Multiple stack-based buffer overflow vulnerabilities [CWE-121] in the proxy daemon of FortiWeb 5.x all versions, 6.0.7 and below, 6.1.2 and below, 6.2.6 and below, 6.3.16 and below, 6.4 all versions may allow an unauthenticated remote malicious user to achieve arbitrary code exec...
Fortinet Fortiweb
1 Github repository
NA
CVE-2021-43074
An improper verification of cryptographic signature vulnerability [CWE-347] in FortiWeb 6.4 all versions, 6.3.16 and below, 6.2 all versions, 6.1 all versions, 6.0 all versions; FortiOS 7.0.3 and below, 6.4.8 and below, 6.2 all versions, 6.0 all versions; FortiSwitch 7.0.3 and be...
Fortinet Fortios
Fortinet Fortiproxy
Fortinet Fortiswitch
Fortinet Fortiweb
NA
CVE-2022-42471
An improper neutralization of CRLF sequences in HTTP headers ('HTTP Response Splitting') vulnerability [CWE-113] In FortiWeb version 7.0.0 up to and including 7.0.2, FortiWeb version 6.4.0 up to and including 6.4.2, FortiWeb version 6.3.6 up to and including 6.3.20 may ...
Fortinet Fortiweb 6.4.0
Fortinet Fortiweb 6.4.1
Fortinet Fortiweb 6.4.2
Fortinet Fortiweb 7.0.0
Fortinet Fortiweb 7.0.1
Fortinet Fortiweb 7.0.2
Fortinet Fortiweb
4
CVSSv2
CVE-2021-41026
A relative path traversal in FortiWeb versions 6.4.1, 6.4.0, and 6.3.0 up to and including 6.3.15 may allow an authenticated malicious user to retrieve arbitrary files from the underlying filesystem via specially crafted web requests.
Fortinet Fortiweb
6.5
CVSSv2
CVE-2021-36193
Multiple stack-based buffer overflows in the command line interpreter of FortiWeb prior to 6.4.2 may allow an authenticated malicious user to achieve arbitrary code execution via specially crafted commands.
Fortinet Fortiweb
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »