Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortios 7.2.0 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2024-23113
A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 up to and including 7.4.2, 7.2.0 up to and including 7.2.6, 7.0.0 up to and including 7.0.13, FortiProxy versions 7.4.0 up to and including 7.4.2, 7.2.0 up to and including 7.2.8, 7.0.0 up to and incl...
Fortinet Fortipam
Fortinet Fortios
Fortinet Fortiproxy
Fortinet Fortipam 1.2.0
Fortinet Fortiswitchmanager
5 Github repositories
1 Article
6.7
CVSSv3
CVE-2023-28002
An improper validation of integrity check value vulnerability [CWE-354] in FortiOS 7.2.0 up to and including 7.2.3, 7.0.0 up to and including 7.0.12, 6.4 all versions, 6.2 all versions, 6.0 all versions and FortiProxy 7.2 all versions, 7.0 all versions, 2.0 all versions VMs may a...
Fortinet Fortios
Fortinet Fortiproxy
7.4
CVSSv3
CVE-2022-39948
An improper certificate validation vulnerability [CWE-295] in FortiOS 7.2.0 up to and including 7.2.3, 7.0.0 up to and including 7.0.7, 6.4 all versions, 6.2 all versions, 6.0 all versions and FortiProxy 7.0.0 up to and including 7.0.6, 2.0 all versions, 1.2 all versions may allo...
Fortinet Fortiproxy
Fortinet Fortios
8.8
CVSSv3
CVE-2023-41841
An improper authorization vulnerability in Fortinet FortiOS 7.0.0 - 7.0.11 and 7.2.0 - 7.2.4 allows an attacker belonging to the prof-admin profile to perform elevated actions.
Fortinet Fortios
9.8
CVSSv3
CVE-2022-42475
A heap-based buffer overflow vulnerability [CWE-122] in FortiOS SSL-VPN 7.2.0 up to and including 7.2.2, 7.0.0 up to and including 7.0.8, 6.4.0 up to and including 6.4.10, 6.2.0 up to and including 6.2.11, 6.0.15 and previous versions and FortiProxy SSL-VPN 7.2.0 up to and includ...
Fortinet Fortios
Fortinet Fortiproxy
Fortinet Fortiproxy 7.2.0
9 Github repositories
5 Articles
9.8
CVSSv3
CVE-2023-28001
An insufficient session expiration in Fortinet FortiOS 7.0.0 - 7.0.12 and 7.2.0 - 7.2.4 allows an malicious user to execute unauthorized code or commands via reusing the session of a deleted user in the REST API.
Fortinet Fortios
5.4
CVSSv3
CVE-2023-36555
An improper neutralization of script-related html tags in a web page (basic xss) in Fortinet FortiOS 7.2.0 - 7.2.4 allows an malicious user to execute unauthorized code or commands via the SAML and Security Fabric components.
Fortinet Fortios
8.1
CVSSv3
CVE-2022-30307
A key management error vulnerability [CWE-320] affecting the RSA SSH host key in FortiOS 7.2.0 and below, 7.0.6 and below, 6.4.9 and below may allow an unauthenticated malicious user to perform a man in the middle attack.
Fortinet Fortios
7.1
CVSSv3
CVE-2022-41328
A improper limitation of a pathname to a restricted directory vulnerability ('path traversal') [CWE-22] in Fortinet FortiOS version 7.2.0 up to and including 7.2.3, 7.0.0 up to and including 7.0.9 and prior to 6.4.11 allows a privileged malicious user to read and write ...
Fortinet Fortios
1 Github repository
3 Articles
6.1
CVSSv3
CVE-2022-41334
An improper neutralization of input during web page generation [CWE-79] vulnerability in FortiOS versions 7.0.0 to 7.0.7 and 7.2.0 to 7.2.3 may allow a remote, unauthenticated malicious user to launch a cross site scripting (XSS) attack via the "redir" parameter of the ...
Fortinet Fortios
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »