Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortios vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2020-12812
An improper authentication vulnerability in SSL VPN in FortiOS 6.4.0, 6.2.0 to 6.2.3, 6.0.9 and below may result in a user being able to log in successfully without being prompted for the second factor of authentication (FortiToken) if they changed the case of their username.
Fortinet Fortios
Fortinet Fortios 6.4.0
1 Github repository
2 Articles
357
VMScore
CVE-2019-6693
Use of a hard-coded cryptographic key to cipher sensitive data in FortiOS configuration backup file may allow an attacker with access to the backup file to decipher the sensitive data, via knowledge of the hard-coded key. The aforementioned sensitive data includes users' pas...
Fortinet Fortios
Fortinet Fortios 6.2.0
3 Github repositories
445
VMScore
CVE-2021-26108
A use of hard-coded cryptographic key vulnerability in the SSLVPN of FortiOS prior to 7.0.1 may allow an malicious user to retrieve the key by reverse engineering.
Fortinet Fortios
Fortinet Fortios 7.0.0
668
VMScore
CVE-2021-26109
An integer overflow or wraparound vulnerability in the memory allocator of SSLVPN in FortiOS prior to 7.0.1 may allow an unauthenticated malicious user to corrupt control data on the heap via specifically crafted requests to SSLVPN, resulting in potentially arbitrary code executi...
Fortinet Fortios
Fortinet Fortios 7.0.0
NA
CVE-2021-43080
An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiOS version 7.2.0, version 6.4.0 up to and including 6.4.9, version 7.0.0 up to and including 7.0.5 may allow an authenticated malicious user to perform a stored cross site scripting (XSS...
Fortinet Fortios 7.2.0
Fortinet Fortios
578
VMScore
CVE-2013-4604
Fortinet FortiOS prior to 5.0.3 on FortiGate devices does not properly restrict Guest capabilities, which allows remote authenticated users to read, modify, or delete the records of arbitrary users by leveraging the Guest role.
Fortinet Fortios 5.0.1
Fortinet Fortios
516
VMScore
CVE-2021-24018
A buffer underwrite vulnerability in the firmware verification routine of FortiOS prior to 7.0.1 may allow an attacker located in the adjacent network to potentially execute arbitrary code via a specifically crafted firmware image.
Fortinet Fortios 7.0.0
Fortinet Fortios
187
VMScore
CVE-2021-32600
An exposure of sensitive information to an unauthorized actor vulnerability in FortiOS CLI 7.0.0, 6.4.0 up to and including 6.4.6, 6.2.0 up to and including 6.2.9, 6.0.x and 5.6.x may allow a local and authenticated user assigned to a specific VDOM to retrieve other VDOMs informa...
Fortinet Fortios 7.0.0
Fortinet Fortios
NA
CVE-2022-29055
A access of uninitialized pointer in Fortinet FortiOS version 7.2.0, 7.0.0 up to and including 7.0.5, 6.4.0 up to and including 6.4.8, 6.2.0 up to and including 6.2.10, 6.0.x, FortiProxy version 7.0.0 up to and including 7.0.4, 2.0.0 up to and including 2.0.9, 1.2.x allows a remo...
Fortinet Fortios
Fortinet Fortios 7.2.0
Fortinet Fortiproxy 7.2.0
Fortinet Fortiproxy
NA
CVE-2023-36639
A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 up to and including 7.2.4, 7.0.0 up to and including 7.0.10, FortiOS versions 7.4.0, 7.2.0 up to and including 7.2.4, 7.0.0 up to and including 7.0.11, 6.4.0 up to and including 6.4.12, 6.2.0 up to...
Fortinet Fortios
Fortinet Fortiproxy
Fortinet Fortios 7.4.0
Fortinet Fortipam 1.1.0
Fortinet Fortipam
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »