Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortios vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2021-41024
A relative path traversal [CWE-23] vulnerabiltiy in FortiOS versions 7.0.0 and 7.0.1 and FortiProxy verison 7.0.0 may allow an unauthenticated, unauthorized malicious user to inject path traversal character sequences to disclose sensitive information of the server via the GET req...
Fortinet Fortiproxy 7.0.0
Fortinet Fortios 7.0.0
Fortinet Fortios 7.0.1
445
VMScore
CVE-2020-12818
An insufficient logging vulnerability in FortiGate prior to 6.4.1 may allow the traffic from an unauthenticated malicious user to Fortinet owned IP addresses to go unnoticed.
Fortinet Fortios
445
VMScore
CVE-2019-17655
A cleartext storage in a file or on disk (CWE-313) vulnerability in FortiOS SSL VPN 6.2.0 up to and including 6.2.2, 6.0.9 and previous versions and FortiProxy 2.0.0, 1.2.9 and previous versions may allow an malicious user to retrieve a logged-in SSL VPN user's credentials s...
Fortinet Fortios
445
VMScore
CVE-2019-15705
An Improper Input Validation vulnerability in the SSL VPN portal of FortiOS versions 6.2.1 and below, and 6.0.6 and below may allow an unauthenticated remote malicious user to crash the SSL VPN service by sending a crafted POST request.
Fortinet Fortios
445
VMScore
CVE-2018-13367
An information exposure vulnerability in FortiOS 6.2.3, 6.2.0 and below may allow an unauthenticated malicious user to gain platform information such as version, models, via parsing a JavaScript file through admin webUI.
Fortinet Fortios
445
VMScore
CVE-2018-13381
A buffer overflow vulnerability in Fortinet FortiOS 6.0.0 up to and including 6.0.4, 5.6.0 up to and including 5.6.7, 5.4 and previous versions versions and FortiProxy 2.0.0, 1.2.8 and previous versions versions under SSL VPN web portal allows a non-authenticated malicious user t...
Fortinet Fortiproxy
Fortinet Fortiproxy 2.0.0
Fortinet Fortios
445
VMScore
CVE-2018-13365
An Information Exposure vulnerability in Fortinet FortiOS 6.0.1, 5.6.5 and below, allow malicious users to learn private IP as well as the hostname of FortiGate via Application Control Block page.
Fortinet Fortios
445
VMScore
CVE-2018-13366
An information disclosure vulnerability in Fortinet FortiOS 6.0.1, 5.6.7 and below allows malicious user to reveals serial number of FortiGate via hostname field defined in connection control setup packets of PPTP protocol.
Fortinet Fortios
Fortinet Fortios 6.0.1
Fortinet Fortios 6.0.0
445
VMScore
CVE-2018-13376
An uninitialized memory buffer leak exists in Fortinet FortiOS 5.6.1 to 5.6.3, 5.4.6 to 5.4.7, 5.2 all versions under web proxy's disclaimer response web pages, potentially causing sensitive data to be displayed in the HTTP response.
Fortinet Fortios
445
VMScore
CVE-2017-14185
An Information Disclosure vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.8 and 5.2 all versions allows SSL VPN web portal users to access internal FortiOS configuration information (eg:addresses) via specifically crafted URLs inside the SSL-VPN web portal.
Fortinet Fortios
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »