Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortiweb vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2022-43955
An improper neutralization of input during web page generation [CWE-79] in the FortiWeb web interface 7.0.0 up to and including 7.0.3, 6.3.0 up to and including 6.3.21, 6.4 all versions, 6.2 all versions, 6.1 all versions and 6.0 all versions may allow an unauthenticated and remo...
Fortinet Fortiweb
7.8
CVSSv3
CVE-2022-40683
A double free in Fortinet FortiWeb version 7.0.0 up to and including 7.0.3 may allows malicious user to execute unauthorized code or commands via specially crafted commands
Fortinet Fortiweb
3.3
CVSSv3
CVE-2023-22636
An unauthorized configuration download vulnerability in FortiWeb 6.3.6 up to and including 6.3.21, 6.4.0 up to and including 6.4.2 and 7.0.0 up to and including 7.0.4 may allow a local malicious user to access confidential configuration files via a crafted http request.
Fortinet Fortiweb
7.8
CVSSv3
CVE-2023-25602
A stack-based buffer overflow in Fortinet FortiWeb 6.4 all versions, FortiWeb versions 6.3.17 and previous versions, FortiWeb versions 6.2.6 and previous versions, FortiWeb versions 6.1.2 and previous versions, FortiWeb versions 6.0.7 and previous versions, FortiWeb versions 5.9....
Fortinet Fortiweb
8.8
CVSSv3
CVE-2023-23780
A stack-based buffer overflow in Fortinet FortiWeb version 7.0.0 up to and including 7.0.1, Fortinet FortiWeb version 6.3.6 up to and including 6.3.19, Fortinet FortiWeb 6.4 all versions allows malicious user to escalation of privilege via specifically crafted HTTP requests.
Fortinet Fortiweb
8.8
CVSSv3
CVE-2023-23781
A stack-based buffer overflow vulnerability [CWE-121] in FortiWeb version 7.0.1 and below, 6.4 all versions, version 6.3.19 and below SAML server configuration may allow an authenticated malicious user to achieve arbitrary code execution via specifically crafted XML files.
Fortinet Fortiweb
7.8
CVSSv3
CVE-2023-23782
A heap-based buffer overflow in Fortinet FortiWeb version 7.0.0 up to and including 7.0.1, FortiWeb version 6.3.0 up to and including 6.3.19, FortiWeb 6.4 all versions, FortiWeb 6.2 all versions, FortiWeb 6.1 all versions allows malicious user to escalation of privilege via speci...
Fortinet Fortiweb
7.8
CVSSv3
CVE-2023-23783
A use of externally-controlled format string in Fortinet FortiWeb version 7.0.0 up to and including 7.0.1, FortiWeb 6.4 all versions allows malicious user to execute unauthorized code or commands via specially crafted command arguments.
Fortinet Fortiweb
6.5
CVSSv3
CVE-2023-23784
A relative path traversal in Fortinet FortiWeb version 7.0.0 up to and including 7.0.2, FortiWeb version 6.3.6 up to and including 6.3.20, FortiWeb 6.4 all versions allows malicious user to information disclosure via specially crafted web requests.
Fortinet Fortiweb
8.8
CVSSv3
CVE-2022-39951
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiWeb version 7.0.0 up to and including 7.0.2, FortiWeb version 6.3.6 up to and including 6.3.20, FortiWeb 6.4 all versions allows malicious user to execute unaut...
Fortinet Fortiweb
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
hardcoded
arbitrary code
CVE-2024-2404
CVE-2024-21111
CVE-2024-28627
CVE-2024-4073
information disclosure
CVE-2024-32780
CVE-2024-4040
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »