Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2020-15933
A exposure of sensitive information to an unauthorized actor in Fortinet FortiMail versions 6.0.9 and below, FortiMail versions 6.2.4 and below FortiMail versions 6.4.1 and 6.4.0 allows malicious user to obtain potentially sensitive software-version information via client-side re...
Fortinet Fortimail
Fortinet Fortimail 6.2.0
Fortinet Fortimail 6.2.1
Fortinet Fortimail 6.2.2
Fortinet Fortimail 6.2.3
Fortinet Fortimail 6.2.4
Fortinet Fortimail 6.4.0
Fortinet Fortimail 6.4.1
NA
CVE-2022-42472
A improper neutralization of crlf sequences in http headers ('http response splitting') in Fortinet FortiOS versions 7.2.0 up to and including 7.2.2, 7.0.0 up to and including 7.0.8, 6.4.0 up to and including 6.4.11, 6.2.0 up to and including 6.2.12, 6.0.0 up to and inc...
Fortinet Fortiproxy
Fortinet Fortiproxy 7.2.0
Fortinet Fortiproxy 7.2.1
Fortinet Fortios 7.2.0
Fortinet Fortios
Fortinet Fortios 7.2.1
Fortinet Fortios 7.2.2
NA
CVE-2024-23113
A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 up to and including 7.4.2, 7.2.0 up to and including 7.2.6, 7.0.0 up to and including 7.0.13, FortiProxy versions 7.4.0 up to and including 7.4.2, 7.2.0 up to and including 7.2.8, 7.0.0 up to and incl...
Fortinet Fortipam
Fortinet Fortios
Fortinet Fortiproxy
Fortinet Fortipam 1.2.0
Fortinet Fortiswitchmanager
5 Github repositories
1 Article
3.5
CVSSv2
CVE-2016-3196
Cross-site scripting (XSS) vulnerability in Fortinet FortiAnalyzer 5.x prior to 5.0.12 and 5.2.x prior to 5.2.6 and FortiManager 5.x prior to 5.0.12 and 5.2.x prior to 5.2.6 allows remote authenticated users to inject arbitrary web script or HTML via the filename of an image uplo...
Fortinet Fortimanager Firmware 5.2.2
Fortinet Fortimanager Firmware 5.2.3
Fortinet Fortimanager Firmware 5.0.6
Fortinet Fortimanager Firmware 5.0.7
Fortinet Fortimanager Firmware 5.2.4
Fortinet Fortimanager Firmware 5.2.5
Fortinet Fortimanager Firmware 5.0.8
Fortinet Fortimanager Firmware 5.0.9
Fortinet Fortimanager Firmware 5.0.4
Fortinet Fortimanager Firmware 5.0.5
Fortinet Fortimanager Firmware 5.0.10
Fortinet Fortimanager Firmware 5.0.3
Fortinet Fortimanager Firmware 5.2.0
Fortinet Fortimanager Firmware 5.2.1
Fortinet Fortianalyzer Firmware 5.2.3
Fortinet Fortianalyzer Firmware 5.2.4
Fortinet Fortianalyzer Firmware 5.2.1
Fortinet Fortianalyzer Firmware 5.2.5
Fortinet Fortianalyzer Firmware 5.0.0
Fortinet Fortianalyzer Firmware 5.2.2
Fortinet Fortianalyzer Firmware 5.0.5
Fortinet Fortianalyzer Firmware 5.2.0
NA
CVE-2023-26210
Multiple improper neutralization of special elements used in an os command ('OS Command Injection') vulnerabilties [CWE-78] in Fortinet FortiADCManager version 7.1.0 and prior to 7.0.0, FortiADC version 7.2.0 and prior to 7.1.2 allows a local authenticated malicious use...
Fortinet Fortiadc
Fortinet Fortiadc 7.1.0
Fortinet Fortiadc 7.2.0
Fortinet Fortiadc 7.1.1
Fortinet Fortiadc 7.1.2
Fortinet Fortiadc Manager 7.1.0
Fortinet Fortiadc Manager 7.0.0
Fortinet Fortiadc Manager 6.2.1
Fortinet Fortiadc Manager 6.2.0
Fortinet Fortiadc Manager 5.2.0
Fortinet Fortiadc Manager 5.2.1
Fortinet Fortiadc Manager 5.3.0
Fortinet Fortiadc Manager 5.4.0
Fortinet Fortiadc Manager 6.0.0
Fortinet Fortiadc Manager 6.1.0
3.5
CVSSv2
CVE-2016-3193
Cross-site scripting (XSS) vulnerability in the appliance web-application in Fortinet FortiManager 5.x prior to 5.0.12, 5.2.x prior to 5.2.6, and 5.4.x prior to 5.4.1 and FortiAnalyzer 5.x prior to 5.0.13, 5.2.x prior to 5.2.6, and 5.4.x prior to 5.4.1 allows remote authenticated...
Fortinet Fortimanager Firmware 5.0.5
Fortinet Fortimanager Firmware 5.0.6
Fortinet Fortimanager Firmware 5.2.2
Fortinet Fortimanager Firmware 5.2.3
Fortinet Fortimanager Firmware 5.4.0
Fortinet Fortimanager Firmware 5.0.7
Fortinet Fortimanager Firmware 5.0.8
Fortinet Fortimanager Firmware 5.2.4
Fortinet Fortimanager Firmware 5.2.5
Fortinet Fortimanager Firmware 5.0.3
Fortinet Fortimanager Firmware 5.0.4
Fortinet Fortimanager Firmware 5.0.11
Fortinet Fortimanager Firmware 5.2.1
Fortinet Fortimanager Firmware 5.0.0
Fortinet Fortimanager Firmware 5.0.1
Fortinet Fortimanager Firmware 5.0.2
Fortinet Fortimanager Firmware 5.0.9
Fortinet Fortimanager Firmware 5.0.10
Fortinet Fortimanager Firmware 5.2.0
Fortinet Fortianalyzer Firmware 5.0.3
Fortinet Fortianalyzer Firmware 5.0.4
Fortinet Fortianalyzer Firmware 5.0.12
NA
CVE-2022-35845
Multiple improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerabilities [CWE-78] in FortiTester 7.1.0, 7.0 all versions, 4.0.0 up to and including 4.2.0, 2.3.0 up to and including 3.9.1 may allow an authenticated malicious use...
Fortinet Fortitester
Fortinet Fortitester 7.0.0
Fortinet Fortitester 7.1.0
Fortinet Fortitester 4.0.0
Fortinet Fortitester 4.1.0
Fortinet Fortitester 4.1.1
Fortinet Fortitester 4.2.0
NA
CVE-2022-42471
An improper neutralization of CRLF sequences in HTTP headers ('HTTP Response Splitting') vulnerability [CWE-113] In FortiWeb version 7.0.0 up to and including 7.0.2, FortiWeb version 6.4.0 up to and including 6.4.2, FortiWeb version 6.3.6 up to and including 6.3.20 may ...
Fortinet Fortiweb 6.4.0
Fortinet Fortiweb 6.4.1
Fortinet Fortiweb 6.4.2
Fortinet Fortiweb 7.0.0
Fortinet Fortiweb 7.0.1
Fortinet Fortiweb 7.0.2
Fortinet Fortiweb
NA
CVE-2023-33299
A deserialization of untrusted data in Fortinet FortiNAC below 7.2.1, below 9.4.3, below 9.2.8 and all earlier versions of 8.x allows malicious user to execute unauthorized code or commands via specifically crafted request on inter-server communication port. Note FortiNAC version...
Fortinet Fortinac
Fortinet Fortinac 8.3.7
Fortinet Fortinac 9.4.0
Fortinet Fortinac 9.4.1
Fortinet Fortinac 9.4.2
Fortinet Fortinac 7.2.0
Fortinet Fortinac 7.2.1
NA
CVE-2022-27489
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiExtender 7.0.0 up to and including 7.0.3, 5.3.2, 4.2.4 and below allows malicious user to execute unauthorized code or commands via crafted HTTP requests.
Fortinet Fortiextender Firmware
Fortinet Fortiextender Firmware 3.0.0
Fortinet Fortiextender Firmware 3.0.1
Fortinet Fortiextender Firmware 3.0.2
Fortinet Fortiextender Firmware 3.1.0
Fortinet Fortiextender Firmware 3.1.1
Fortinet Fortiextender Firmware 5.3.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »