fortinet vulnerabilities and exploits
9
CVSSv2
CVE-2014-2723
In FortiBalancer 400, 1000, 2000 and 3000, a platform-specific remote access vulnerability has been discovered that may allow a remote user to gain privileged access to affected systems using SSH. The vulnerability is caused by a configuration error, and is not the result of an u...
Fortinet Fortibalancer 400 Firmware
Fortinet Fortibalancer 1000 Firmware
Fortinet Fortibalancer 2000 Firmware
Fortinet Fortibalancer 3000 Firmware
9
CVSSv2
CVE-2015-3611
A Command Injection vulnerability exists in FortiManager 5.2.1 and previous versions and FortiManager 5.0.10 and previous versions via unspecified vectors, which could let a malicious user run system commands when executing a report.
Fortinet Fortimanager
9
CVSSv2
CVE-2019-13398
Dynacolor FCM-MB40 v1.2.0.0 devices allow remote malicious users to execute arbitrary commands via a crafted parameter to a CGI script, as demonstrated by sed injection in cgi-bin/camctrl_save_profile.cgi (save parameter) and cgi-bin/ddns.cgi.
Fortinet Fcm-mb40 Firmware 1.2.0.0
9
CVSSv2
CVE-2017-17544
A privilege escalation vulnerability in Fortinet FortiOS 6.0.0 to 6.0.6, 5.6.0 to 5.6.10, 5.4 and below allows admin users to elevate their profile to super_admin via restoring modified configurations.
Fortinet Fortios
9
CVSSv2
CVE-2017-7341
An OS Command Injection vulnerability in Fortinet FortiWLC 6.1-2 up to and including 6.1-5, 7.0-7 up to and including 7.0-10, 8.0 up to and including 8.2, and 8.3.0 up to and including 8.3.2 file management AP script download webUI page allows an authenticated admin user to execu...
Fortinet Fortiwlc
9
CVSSv2
CVE-2016-8493
In FortiClientWindows 5.4.1 and 5.4.2, an attacker may escalate privilege via a FortiClientNamedPipe vulnerability.
Fortinet Forticlient 5.4.2
Fortinet Forticlient 5.4.1
9
CVSSv2
CVE-2017-3134
An escalation of privilege vulnerability in Fortinet FortiWLC-SD versions 8.2.4 and below allows a malicious user to gain root access via the CLI command 'copy running-config'.
Fortinet Fortiwlc-sd
9
CVSSv2
CVE-2016-4965
Fortinet FortiWan (formerly AscernLink) prior to 4.2.5 allows remote authenticated users with access to the nslookup functionality to execute arbitrary commands with root privileges via the graph parameter to diagnosis_control.php.
Fortinet Fortiwan
9
CVSSv2
CVE-2013-6990
FortiGuard FortiAuthenticator prior to 3.0 allows remote administrators to gain privileges via the command line interface.
Fortinet Fortiauthenticator
8.5
CVSSv2
CVE-2021-42753
An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability [CWE-22] in FortiWeb management interface 6.4.1 and below, 6.3.15 and below, 6.2.x, 6.1.x, 6.0.x, 5.9.x and 5.8.x may allow an authenticated malicious user to perform an arbi...
Fortinet Fortiweb