Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortios vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2018-13382
An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.8 and 5.4.1 to 5.4.10 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated malicious user to modify the password of an SSL V...
Fortinet Fortios
4 Github repositories
7.5
CVSSv3
CVE-2018-13376
An uninitialized memory buffer leak exists in Fortinet FortiOS 5.6.1 to 5.6.3, 5.4.6 to 5.4.7, 5.2 all versions under web proxy's disclaimer response web pages, potentially causing sensitive data to be displayed in the HTTP response.
Fortinet Fortios
7.5
CVSSv3
CVE-2017-3130
An information disclosure vulnerability in Fortinet FortiOS 5.6.0, 5.4.4 and below versions allows malicious user to get FortiOS version info by inspecting FortiOS IKE VendorID packets.
Fortinet Fortios 5.4.2
Fortinet Fortios 5.4.3
Fortinet Fortios 5.4.4
Fortinet Fortios 5.0.0
Fortinet Fortios 5.0.13
Fortinet Fortios 5.0.14
Fortinet Fortios 5.2.0
Fortinet Fortios 5.2.1
Fortinet Fortios 5.6.0
Fortinet Fortios 5.4.1
Fortinet Fortios 5.0.1
Fortinet Fortios 5.0.3
Fortinet Fortios 5.0.10
Fortinet Fortios 5.0.12
Fortinet Fortios 5.2.2
Fortinet Fortios 5.2.4
Fortinet Fortios 5.2.6
Fortinet Fortios 5.0.5
Fortinet Fortios 5.0.6
Fortinet Fortios 5.0.7
Fortinet Fortios 5.0.8
Fortinet Fortios 5.2.7
7.4
CVSSv3
CVE-2022-39948
An improper certificate validation vulnerability [CWE-295] in FortiOS 7.2.0 up to and including 7.2.3, 7.0.0 up to and including 7.0.7, 6.4 all versions, 6.2 all versions, 6.0 all versions and FortiProxy 7.0.0 up to and including 7.0.6, 2.0 all versions, 1.2 all versions may allo...
Fortinet Fortiproxy
Fortinet Fortios
7.3
CVSSv3
CVE-2021-24012
An improper following of a certificate's chain of trust vulnerability in FortiGate versions 6.4.0 to 6.4.4 may allow an LDAP user to connect to SSLVPN with any certificate that is signed by a trusted Certificate Authority.
Fortinet Fortios
7.2
CVSSv3
CVE-2023-45583
A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 up to and including 7.2.5, 7.0.0 up to and including 7.0.11, 2.0.0 up to and including 2.0.13, 1.2.0 up to and including 1.2.13, 1.1.0 up to and including 1.1.6 FortiPAM versions 1.1.0, 1.0.0 up to...
Fortinet Fortiproxy
Fortinet Fortiswitchmanager
Fortinet Fortios
Fortinet Fortios 7.4.0
Fortinet Fortipam 1.1.0
Fortinet Fortipam
7.2
CVSSv3
CVE-2023-46714
A stack-based buffer overflow [CWE-121] vulnerability in Fortinet FortiOS version 7.2.1 up to and including 7.2.6 and version 7.4.0 up to and including 7.4.1 allows a privileged attacker over the administrative interface to execute arbitrary code or commands via crafted HTTP or H...
Fortinet Fortios 7.4.0
Fortinet Fortios 7.4.1
Fortinet Fortios
7.2
CVSSv3
CVE-2023-44247
A double free vulnerability [CWE-415] in Fortinet FortiOS prior to 7.0.0 may allow a privileged malicious user to execute code or commands via crafted HTTP or HTTPs requests.
Fortinet Fortios
7.2
CVSSv3
CVE-2017-17544
A privilege escalation vulnerability in Fortinet FortiOS 6.0.0 to 6.0.6, 5.6.0 to 5.6.10, 5.4 and below allows admin users to elevate their profile to super_admin via restoring modified configurations.
Fortinet Fortios
7.2
CVSSv3
CVE-2017-7738
An Information Disclosure vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.5, 5.2 and below versions allow an admin user with super_admin privileges to view the current SSL VPN web portal session info which may contains user credentials through the fnsysctl CLI comm...
Fortinet Fortios
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »