Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortios vulnerabilities and exploits
(subscribe to this query)
6.7
CVSSv3
CVE-2023-36640
A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 up to and including 7.2.4, 7.0.0 up to and including 7.0.10, 2.0.0 up to and including 2.0.13, 1.2.0 up to and including 1.2.13, 1.1.0 up to and including 1.1.6, 1.0.0 up to and including 1.0.7, Fo...
Fortinet Fortiproxy
Fortinet Fortipam
Fortinet Fortios 7.2.0
Fortinet Fortios
4.3
CVSSv3
CVE-2023-33301
An improper access control vulnerability in Fortinet FortiOS 7.2.0 - 7.2.4 and 7.4.0 allows an malicious user to access a restricted resource from a non trusted host.
Fortinet Fortios
Fortinet Fortios 7.4.0
5.4
CVSSv3
CVE-2021-43080
An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiOS version 7.2.0, version 6.4.0 up to and including 6.4.9, version 7.0.0 up to and including 7.0.5 may allow an authenticated malicious user to perform a stored cross site scripting (XSS...
Fortinet Fortios 7.2.0
Fortinet Fortios
7.5
CVSSv3
CVE-2023-37935
A use of GET request method with sensitive query strings vulnerability in Fortinet FortiOS 7.0.0 - 7.0.12, 7.2.0 - 7.2.5 and 7.4.0 allows an malicious user to view plaintext passwords of remote services such as RDP or VNC, if the attacker is able to read the GET requests to those...
Fortinet Fortios
Fortinet Fortios 7.4.0
5.5
CVSSv3
CVE-2019-5593
Improper permission or value checking in the CLI console may allow a non-privileged user to obtain Fortinet FortiOS plaint text private keys of system's builtin local certificates via unsetting the keys encryption password in FortiOS 6.2.0, 6.0.0 to 6.0.6, 5.6.10 and below o...
Fortinet Fortios
Fortinet Fortios 6.2.0
9.8
CVSSv3
CVE-2020-12812
An improper authentication vulnerability in SSL VPN in FortiOS 6.4.0, 6.2.0 to 6.2.3, 6.0.9 and below may result in a user being able to log in successfully without being prompted for the second factor of authentication (FortiToken) if they changed the case of their username.
Fortinet Fortios
Fortinet Fortios 6.4.0
1 Github repository
2 Articles
6
CVSSv3
CVE-2021-36169
A Hidden Functionality in Fortinet FortiOS 7.x prior to 7.0.1, FortiOS 6.4.x prior to 6.4.7 allows malicious user to Execute unauthorized code or commands via specific hex read/write operations.
Fortinet Fortios 7.0.0
Fortinet Fortios
7.5
CVSSv3
CVE-2022-35842
An exposure of sensitive information to an unauthorized actor vulnerabiltiy [CWE-200] in FortiOS SSL-VPN versions 7.2.0, versions 7.0.0 up to and including 7.0.6 and versions 6.4.0 up to and including 6.4.9 may allow a remote unauthenticated malicious user to gain information abo...
Fortinet Fortios 7.2.0
Fortinet Fortios
7.5
CVSSv3
CVE-2021-26108
A use of hard-coded cryptographic key vulnerability in the SSLVPN of FortiOS prior to 7.0.1 may allow an malicious user to retrieve the key by reverse engineering.
Fortinet Fortios
Fortinet Fortios 7.0.0
3.3
CVSSv3
CVE-2022-29053
A missing cryptographic steps vulnerability [CWE-325] in the functions that encrypt the keytab files in FortiOS version 7.2.0, 7.0.0 up to and including 7.0.5 and below 7.0.0 may allow an attacker in possession of the encrypted file to decipher it.
Fortinet Fortios
Fortinet Fortios 7.2.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »