Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortios vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2021-41024
A relative path traversal [CWE-23] vulnerabiltiy in FortiOS versions 7.0.0 and 7.0.1 and FortiProxy verison 7.0.0 may allow an unauthenticated, unauthorized malicious user to inject path traversal character sequences to disclose sensitive information of the server via the GET req...
Fortinet Fortiproxy 7.0.0
Fortinet Fortios 7.0.0
Fortinet Fortios 7.0.1
NA
CVE-2023-45583
A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 up to and including 7.2.5, 7.0.0 up to and including 7.0.11, 2.0.0 up to and including 2.0.13, 1.2.0 up to and including 1.2.13, 1.1.0 up to and including 1.1.6 FortiPAM versions 1.1.0, 1.0.0 up to...
Fortinet Fortiproxy
Fortinet Fortiswitchmanager
Fortinet Fortios
Fortinet Fortios 7.4.0
Fortinet Fortipam 1.1.0
Fortinet Fortipam
4.6
CVSSv2
CVE-2021-26110
An improper access control vulnerability [CWE-284] in FortiOS autod daemon 7.0.0, 6.4.6 and below, 6.2.9 and below, 6.0.12 and below and FortiProxy 2.0.1 and below, 1.2.9 and below may allow an authenticated low-privileged malicious user to escalate their privileges to super_admi...
Fortinet Fortiproxy 2.0.0
Fortinet Fortiproxy
Fortinet Fortios
Fortinet Fortios 7.0.0
Fortinet Fortiproxy 2.0.1
NA
CVE-2022-29054
A missing cryptographic steps vulnerability [CWE-325] in the functions that encrypt the DHCP and DNS keys in Fortinet FortiOS version 7.2.0, 7.0.0 up to and including 7.0.5, 6.4.0 up to and including 6.4.9, 6.2.x and 6.0.x may allow an attacker in possession of the encrypted key ...
Fortinet Fortiproxy
Fortinet Fortios 7.2.0
Fortinet Fortiproxy 7.2.0
Fortinet Fortios
Fortinet Fortiproxy 7.2.1
4.6
CVSSv2
CVE-2021-42757
A buffer overflow [CWE-121] in the TFTP client library of FortiOS prior to 6.4.7 and FortiOS 7.0.0 up to and including 7.0.2, may allow an authenticated local malicious user to achieve arbitrary code execution via specially crafted command line arguments.
Fortinet Fortiweb 6.4.0
Fortinet Fortios
Fortinet Fortiweb 6.4.1
Fortinet Fortiproxy 7.0.0
Fortinet Fortimanager
Fortinet Fortianalyzer
Fortinet Fortiproxy 7.0.1
Fortinet Fortimail
Fortinet Fortios-6k7k 6.4.6
Fortinet Fortios-6k7k 6.4.2
Fortinet Fortiweb
Fortinet Fortiproxy
Fortinet Fortindr
Fortinet Fortiswitch
Fortinet Fortirecorder Firmware
Fortinet Fortios-6k7k
Fortinet Fortiadc
Fortinet Fortiportal
Fortinet Fortivoice
NA
CVE-2022-41329
An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in Fortinet FortiProxy version 7.2.0 up to and including 7.2.1 and 7.0.0 up to and including 7.0.7, FortiOS version 7.2.0 up to and including 7.2.3 and 7.0.0 up to and including 7.0.9 allows an ...
Fortinet Fortios
Fortinet Fortiproxy
NA
CVE-2022-41330
An improper neutralization of input during web page generation vulnerability ('Cross-site Scripting') [CWE-79] in Fortinet FortiOS version 7.2.0 up to and including 7.2.3, version 7.0.0 up to and including 7.0.9, version 6.4.0 up to and including 6.4.11 and prior to 6.2...
Fortinet Fortiproxy
Fortinet Fortios
NA
CVE-2024-21762
A out-of-bounds write in Fortinet FortiOS versions 7.4.0 up to and including 7.4.2, 7.2.0 up to and including 7.2.6, 7.0.0 up to and including 7.0.13, 6.4.0 up to and including 6.4.14, 6.2.0 up to and including 6.2.15, 6.0.0 up to and including 6.0.17, FortiProxy versions 7.4.0 u...
Fortinet Fortios
Fortinet Fortiproxy
23 Github repositories
4 Articles
4.3
CVSSv2
CVE-2018-9195
Use of a hardcoded cryptographic key in the FortiGuard services communication protocol may allow a Man in the middle with knowledge of the key to eavesdrop on and modify information (URL/SPAM services in FortiOS 5.6, and URL/SPAM/AV services in FortiOS 6.0.; URL rating in FortiCl...
Fortinet Forticlient
Fortinet Fortios
NA
CVE-2023-33306
A null pointer dereference in Fortinet FortiOS prior to 7.2.5, prior to 7.0.11 and prior to 6.4.13, FortiProxy prior to 7.2.4 and prior to 7.0.10 allows malicious user to denial of sslvpn service via specifically crafted request in bookmark parameter.
Fortinet Fortios
Fortinet Fortiproxy
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »