Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-42761
A condition for session fixation vulnerability [CWE-384] in the session management of FortiWeb versions 6.4 all versions, 6.3.0 up to and including 6.3.16, 6.2.0 up to and including 6.2.6, 6.1.0 up to and including 6.1.2, 6.0.0 up to and including 6.0.7, 5.9.0 up to and including...
Fortinet Fortiweb
9.8
CVSSv3
CVE-2022-42475
A heap-based buffer overflow vulnerability [CWE-122] in FortiOS SSL-VPN 7.2.0 up to and including 7.2.2, 7.0.0 up to and including 7.0.8, 6.4.0 up to and including 6.4.10, 6.2.0 up to and including 6.2.11, 6.0.15 and previous versions and FortiProxy SSL-VPN 7.2.0 up to and includ...
Fortinet Fortios
Fortinet Fortiproxy
Fortinet Fortiproxy 7.2.0
9 Github repositories
6 Articles
9.8
CVSSv3
CVE-2022-35843
An authentication bypass by assumed-immutable data vulnerability [CWE-302] in the FortiOS SSH login component 7.2.0, 7.0.0 up to and including 7.0.7, 6.4.0 up to and including 6.4.9, 6.2 all versions, 6.0 all versions and FortiProxy SSH login component 7.0.0 up to and including 7...
Fortinet Fortiproxy
Fortinet Fortios 7.2.0
Fortinet Fortios
Fortinet Fortios 7.2.1
9.8
CVSSv3
CVE-2022-38381
An improper handling of malformed request vulnerability [CWE-228] exists in FortiADC 5.0 all versions, 6.0.0 all versions, 6.1.0 all versions, 6.2.0 up to and including 6.2.3, and 7.0.0 up to and including 7.0.2. This may allow a remote attacker without privileges to bypass some ...
Fortinet Fortiadc
9.8
CVSSv3
CVE-2022-33874
An improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerabilities [CWE-78] in SSH login components of FortiTester 2.3.0 up to and including 3.9.1, 4.0.0 up to and including 4.2.0, 7.0.0 up to and including 7.1.0 may allow an u...
Fortinet Fortitester
9.8
CVSSv3
CVE-2022-33872
An improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerabilities [CWE-78] in Telnet login components of FortiTester 2.3.0 up to and including 3.9.1, 4.0.0 up to and including 4.2.0, 7.0.0 up to and including 7.1.0 may allow a...
Fortinet Fortitester
9.8
CVSSv3
CVE-2022-33873
An improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerabilities [CWE-78] in Console login components of FortiTester 2.3.0 up to and including 3.9.1, 4.0.0 up to and including 4.2.0, 7.0.0 up to and including 7.1.0 may allow ...
Fortinet Fortitester
9.8
CVSSv3
CVE-2022-35846
An improper restriction of excessive authentication attempts vulnerability [CWE-307] in FortiTester Telnet port 2.3.0 up to and including 3.9.1, 4.0.0 up to and including 4.2.0, 7.0.0 up to and including 7.1.0 may allow an unauthenticated malicious user to guess the credentials o...
Fortinet Fortitester
9.8
CVSSv3
CVE-2022-40684
An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version 7.2.0 up to and including 7.2.1 and 7.0.0 up to and including 7.0.6, FortiProxy version 7.2.0 and version 7.0.0 up to and including 7.0.6 and FortiSwitchManager version 7.2.0 and 7.0...
Fortinet Fortiswitchmanager 7.0.0
Fortinet Fortiswitchmanager 7.2.0
Fortinet Fortiproxy 7.2.0
Fortinet Fortiproxy
Fortinet Fortios
1 Metasploit module
30 Github repositories
2 Articles
9.8
CVSSv3
CVE-2021-26112
Multiple stack-based buffer overflow vulnerabilities [CWE-121] both in network daemons and in the command line interpreter of FortiWAN prior to 4.5.9 may allow an unauthenticated malicious user to potentially corrupt control data in memory and execute arbitrary code via specifica...
Fortinet Fortiwan
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »