Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortiweb vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2023-23781
A stack-based buffer overflow vulnerability [CWE-121] in FortiWeb version 7.0.1 and below, 6.4 all versions, version 6.3.19 and below SAML server configuration may allow an authenticated malicious user to achieve arbitrary code execution via specifically crafted XML files.
Fortinet Fortiweb
6.5
CVSSv3
CVE-2023-23784
A relative path traversal in Fortinet FortiWeb version 7.0.0 up to and including 7.0.2, FortiWeb version 6.3.6 up to and including 6.3.20, FortiWeb 6.4 all versions allows malicious user to information disclosure via specially crafted web requests.
Fortinet Fortiweb
8.8
CVSSv3
CVE-2023-23780
A stack-based buffer overflow in Fortinet FortiWeb version 7.0.0 up to and including 7.0.1, Fortinet FortiWeb version 6.3.6 up to and including 6.3.19, Fortinet FortiWeb 6.4 all versions allows malicious user to escalation of privilege via specifically crafted HTTP requests.
Fortinet Fortiweb
7.8
CVSSv3
CVE-2023-23782
A heap-based buffer overflow in Fortinet FortiWeb version 7.0.0 up to and including 7.0.1, FortiWeb version 6.3.0 up to and including 6.3.19, FortiWeb 6.4 all versions, FortiWeb 6.2 all versions, FortiWeb 6.1 all versions allows malicious user to escalation of privilege via speci...
Fortinet Fortiweb
4.3
CVSSv3
CVE-2021-43074
An improper verification of cryptographic signature vulnerability [CWE-347] in FortiWeb 6.4 all versions, 6.3.16 and below, 6.2 all versions, 6.1 all versions, 6.0 all versions; FortiOS 7.0.3 and below, 6.4.8 and below, 6.2 all versions, 6.0 all versions; FortiSwitch 7.0.3 and be...
Fortinet Fortios
Fortinet Fortiproxy
Fortinet Fortiswitch
Fortinet Fortiweb
7.2
CVSSv3
CVE-2022-33871
A stack-based buffer overflow vulnerability [CWE-121] in FortiWeb version 7.0.1 and previous versions, 6.4 all versions, version 6.3.19 and previous versions may allow a privileged malicious user to execute arbitrary code or commands via specifically crafted CLI `execute backup-l...
Fortinet Fortiweb 6.4.0
Fortinet Fortiweb 6.4.1
Fortinet Fortiweb 6.4.2
Fortinet Fortiweb 7.0.0
Fortinet Fortiweb 7.0.1
Fortinet Fortiweb
7.8
CVSSv3
CVE-2022-40683
A double free in Fortinet FortiWeb version 7.0.0 up to and including 7.0.3 may allows malicious user to execute unauthorized code or commands via specially crafted commands
Fortinet Fortiweb
4.3
CVSSv3
CVE-2022-30299
A path traversal vulnerability [CWE-23] in the API of FortiWeb 7.0.0 up to and including 7.0.1, 6.3.0 up to and including 6.3.19, 6.4 all versions, 6.2 all versions, 6.1 all versions, 6.0 all versions may allow an authenticated malicious user to retrieve specific parts of files f...
Fortinet Fortiweb 6.4.0
Fortinet Fortiweb 6.4.1
Fortinet Fortiweb 6.4.2
Fortinet Fortiweb 7.0.0
Fortinet Fortiweb 7.0.1
Fortinet Fortiweb
5.4
CVSSv3
CVE-2022-42471
An improper neutralization of CRLF sequences in HTTP headers ('HTTP Response Splitting') vulnerability [CWE-113] In FortiWeb version 7.0.0 up to and including 7.0.2, FortiWeb version 6.4.0 up to and including 6.4.2, FortiWeb version 6.3.6 up to and including 6.3.20 may ...
Fortinet Fortiweb 6.4.0
Fortinet Fortiweb 6.4.1
Fortinet Fortiweb 6.4.2
Fortinet Fortiweb 7.0.0
Fortinet Fortiweb 7.0.1
Fortinet Fortiweb 7.0.2
Fortinet Fortiweb
6.5
CVSSv3
CVE-2021-41026
A relative path traversal in FortiWeb versions 6.4.1, 6.4.0, and 6.3.0 up to and including 6.3.15 may allow an authenticated malicious user to retrieve arbitrary files from the underlying filesystem via specially crafted web requests.
Fortinet Fortiweb
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
logic flaw
CVE-2024-23692
CVE-2024-26229
CVE-2024-35255
CVE-2024-5835
CVE-2024-5837
XML external entity
dos
CVE-2024-5813
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »