Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortimanager vulnerabilities and exploits
(subscribe to this query)
7.1
CVSSv3
CVE-2023-41838
An improper neutralization of special elements used in an os command ('os command injection') in FortiManager 7.4.0 and 7.2.0 up to and including 7.2.3 may allow malicious user to execute unauthorized code or commands via FortiManager cli.
Fortinet Fortimanager
Fortinet Fortianalyzer 7.4.0
Fortinet Fortianalyzer
Fortinet Fortimanager 7.4.0
6.7
CVSSv3
CVE-2023-41842
A use of externally-controlled format string vulnerability [CWE-134] in Fortinet FortiManager version 7.4.0 up to and including 7.4.1, version 7.2.0 up to and including 7.2.3 and prior to 7.0.10, Fortinet FortiAnalyzer version 7.4.0 up to and including 7.4.1, version 7.2.0 up to ...
Fortinet Fortianalyzer
Fortinet Fortimanager
Fortinet Fortianalyzer Bigdata
Fortinet Fortianalyzer Bigdata 6.2.5
Fortinet Fortiportal
6.7
CVSSv3
CVE-2023-42788
An improper neutralization of special elements used in an os command ('OS Command Injection') vulnerability [CWE-78] in FortiManager & FortiAnalyzer version 7.4.0, version 7.2.0 up to and including 7.2.3, version 7.0.0 up to and including 7.0.8, version 6.4.0 up to ...
Fortinet Fortimanager
Fortinet Fortianalyzer 7.4.0
Fortinet Fortianalyzer
Fortinet Fortimanager 7.4.0
6.7
CVSSv3
CVE-2021-43072
A buffer copy without checking size of input ('classic buffer overflow') in Fortinet FortiAnalyzer version 7.0.2 and below, version 6.4.7 and below, version 6.2.9 and below, version 6.0.11 and below, version 5.6.11 and below, FortiManager version 7.0.2 and below, versio...
Fortinet Fortianalyzer
Fortinet Fortimanager
Fortinet Fortios
Fortinet Fortiproxy
6.7
CVSSv3
CVE-2022-26118
A privilege chaining vulnerability [CWE-268] in FortiManager and FortiAnalyzer 6.0.x, 6.2.x, 6.4.0 up to and including 6.4.7, 7.0.0 up to and including 7.0.3 may allow a local and authenticated attacker with a restricted shell to escalate their privileges to root due to incorrect...
Fortinet Fortimanager
Fortinet Fortianalyzer
6.7
CVSSv3
CVE-2021-42757
A buffer overflow [CWE-121] in the TFTP client library of FortiOS prior to 6.4.7 and FortiOS 7.0.0 up to and including 7.0.2, may allow an authenticated local malicious user to achieve arbitrary code execution via specially crafted command line arguments.
Fortinet Fortiweb 6.4.0
Fortinet Fortios
Fortinet Fortiweb 6.4.1
Fortinet Fortiproxy 7.0.0
Fortinet Fortimanager
Fortinet Fortianalyzer
Fortinet Fortiproxy 7.0.1
Fortinet Fortimail
Fortinet Fortios-6k7k 6.4.6
Fortinet Fortios-6k7k 6.4.2
Fortinet Fortiweb
Fortinet Fortiproxy
Fortinet Fortindr
Fortinet Fortiswitch
Fortinet Fortirecorder Firmware
Fortinet Fortios-6k7k
Fortinet Fortiadc
Fortinet Fortiportal
Fortinet Fortivoice
6.5
CVSSv3
CVE-2023-44256
A server-side request forgery vulnerability [CWE-918] in Fortinet FortiAnalyzer version 7.4.0, version 7.2.0 up to and including 7.2.3 and prior to 7.0.8 and FortiManager version 7.4.0, version 7.2.0 up to and including 7.2.3 and prior to 7.0.8 allows a remote attacker with low p...
Fortinet Fortianalyzer 7.4.0
Fortinet Fortianalyzer
Fortinet Fortimanager 7.4.0
Fortinet Fortimanager
6.5
CVSSv3
CVE-2023-42787
A client-side enforcement of server-side security [CWE-602] vulnerability in Fortinet FortiManager version 7.4.0 and prior to 7.2.3 and FortiAnalyzer version 7.4.0 and prior to 7.2.3 may allow a remote attacker with low privileges to access a privileged web console via client sid...
Fortinet Fortianalyzer
Fortinet Fortimanager
Fortinet Fortianalyzer 7.4.0
Fortinet Fortimanager 7.4.0
6.5
CVSSv3
CVE-2023-44249
An authorization bypass through user-controlled key [CWE-639] vulnerability in Fortinet FortiManager version 7.4.0 and prior to 7.2.3 and FortiAnalyzer version 7.4.0 and prior to 7.2.3 allows a remote attacker with low privileges to read sensitive information via crafted HTTP req...
Fortinet Fortianalyzer
Fortinet Fortimanager
Fortinet Fortianalyzer 7.4.0
Fortinet Fortimanager 7.4.0
6.5
CVSSv3
CVE-2023-25606
An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability [CWE-23] in FortiAnalyzer and FortiManager management interface 7.2.0 up to and including 7.2.1, 7.0.0 up to and including 7.0.5, 6.4 all versions may allow a remote and auth...
Fortinet Fortianalyzer
Fortinet Fortimanager
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »