Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-34992
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSIEM version 7.0.0 and 6.7.0 up to and including 6.7.5 and 6.6.0 up to and including 6.6.3 and 6.5.0 up to and including 6.5.1 and 6.4.0 up to and including 6.4...
Fortinet Fortisiem 6.4.1
Fortinet Fortisiem 6.4.0
Fortinet Fortisiem 6.5.0
Fortinet Fortisiem 6.5.1
Fortinet Fortisiem 6.4.2
Fortinet Fortisiem
Fortinet Fortisiem 7.0.0
1 Github repository
3 Articles
8.8
CVSSv3
CVE-2022-35845
Multiple improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerabilities [CWE-78] in FortiTester 7.1.0, 7.0 all versions, 4.0.0 up to and including 4.2.0, 2.3.0 up to and including 3.9.1 may allow an authenticated malicious use...
Fortinet Fortitester
Fortinet Fortitester 7.0.0
Fortinet Fortitester 7.1.0
Fortinet Fortitester 4.0.0
Fortinet Fortitester 4.1.0
Fortinet Fortitester 4.1.1
Fortinet Fortitester 4.2.0
9.8
CVSSv3
CVE-2023-33299
A deserialization of untrusted data in Fortinet FortiNAC below 7.2.1, below 9.4.3, below 9.2.8 and all earlier versions of 8.x allows malicious user to execute unauthorized code or commands via specifically crafted request on inter-server communication port. Note FortiNAC version...
Fortinet Fortinac
Fortinet Fortinac 8.3.7
Fortinet Fortinac 9.4.0
Fortinet Fortinac 9.4.1
Fortinet Fortinac 9.4.2
Fortinet Fortinac 7.2.0
Fortinet Fortinac 7.2.1
5.4
CVSSv3
CVE-2016-3193
Cross-site scripting (XSS) vulnerability in the appliance web-application in Fortinet FortiManager 5.x prior to 5.0.12, 5.2.x prior to 5.2.6, and 5.4.x prior to 5.4.1 and FortiAnalyzer 5.x prior to 5.0.13, 5.2.x prior to 5.2.6, and 5.4.x prior to 5.4.1 allows remote authenticated...
Fortinet Fortimanager Firmware 5.0.5
Fortinet Fortimanager Firmware 5.0.6
Fortinet Fortimanager Firmware 5.2.2
Fortinet Fortimanager Firmware 5.2.3
Fortinet Fortimanager Firmware 5.4.0
Fortinet Fortimanager Firmware 5.0.7
Fortinet Fortimanager Firmware 5.0.8
Fortinet Fortimanager Firmware 5.2.4
Fortinet Fortimanager Firmware 5.2.5
Fortinet Fortimanager Firmware 5.0.3
Fortinet Fortimanager Firmware 5.0.4
Fortinet Fortimanager Firmware 5.0.11
Fortinet Fortimanager Firmware 5.2.1
Fortinet Fortimanager Firmware 5.0.0
Fortinet Fortimanager Firmware 5.0.1
Fortinet Fortimanager Firmware 5.0.2
Fortinet Fortimanager Firmware 5.0.9
Fortinet Fortimanager Firmware 5.0.10
Fortinet Fortimanager Firmware 5.2.0
Fortinet Fortianalyzer Firmware 5.0.3
Fortinet Fortianalyzer Firmware 5.0.4
Fortinet Fortianalyzer Firmware 5.0.12
6.1
CVSSv3
CVE-2016-3195
Cross-site scripting (XSS) vulnerability in the Web-UI in Fortinet FortiManager 5.x prior to 5.0.12 and 5.2.x prior to 5.2.6 and FortiAnalyzer 5.x prior to 5.0.13 and 5.2.x prior to 5.2.6 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors...
Fortinet Fortimanager Firmware 5.0.6
Fortinet Fortimanager Firmware 5.0.7
Fortinet Fortimanager Firmware 5.2.4
Fortinet Fortimanager Firmware 5.2.5
Fortinet Fortimanager Firmware 5.0.0
Fortinet Fortimanager Firmware 5.0.1
Fortinet Fortimanager Firmware 5.0.8
Fortinet Fortimanager Firmware 5.0.9
Fortinet Fortimanager Firmware 5.2.0
Fortinet Fortimanager Firmware 5.0.2
Fortinet Fortimanager Firmware 5.0.3
Fortinet Fortimanager Firmware 5.0.10
Fortinet Fortimanager Firmware 5.0.11
Fortinet Fortimanager Firmware 5.0.4
Fortinet Fortimanager Firmware 5.0.5
Fortinet Fortimanager Firmware 5.2.1
Fortinet Fortimanager Firmware 5.2.2
Fortinet Fortimanager Firmware 5.2.3
Fortinet Fortianalyzer Firmware 5.0.6
Fortinet Fortianalyzer Firmware 5.0.7
Fortinet Fortianalyzer Firmware 5.2.1
Fortinet Fortianalyzer Firmware 5.2.2
6.1
CVSSv3
CVE-2016-3194
Cross-site scripting (XSS) vulnerability in the address added page in Fortinet FortiManager 5.x prior to 5.0.12 and 5.2.x prior to 5.2.6 and FortiAnalyzer 5.x prior to 5.0.13 and 5.2.x prior to 5.2.6 allows remote malicious users to inject arbitrary web script or HTML via unspeci...
Fortinet Fortimanager Firmware 5.0.0
Fortinet Fortimanager Firmware 5.0.7
Fortinet Fortimanager Firmware 5.0.8
Fortinet Fortimanager Firmware 5.0.9
Fortinet Fortimanager Firmware 5.2.5
Fortinet Fortimanager Firmware 5.2.0
Fortinet Fortimanager Firmware 5.0.1
Fortinet Fortimanager Firmware 5.0.2
Fortinet Fortimanager Firmware 5.0.10
Fortinet Fortimanager Firmware 5.0.11
Fortinet Fortimanager Firmware 5.0.5
Fortinet Fortimanager Firmware 5.0.6
Fortinet Fortimanager Firmware 5.2.3
Fortinet Fortimanager Firmware 5.2.4
Fortinet Fortimanager Firmware 5.0.3
Fortinet Fortimanager Firmware 5.0.4
Fortinet Fortimanager Firmware 5.2.1
Fortinet Fortimanager Firmware 5.2.2
Fortinet Fortianalyzer Firmware 5.0.7
Fortinet Fortianalyzer Firmware 5.0.8
Fortinet Fortianalyzer Firmware 5.2.2
Fortinet Fortianalyzer Firmware 5.2.3
5.4
CVSSv3
CVE-2017-7335
A Cross-Site Scripting (XSS) vulnerability in Fortinet FortiWLC 6.1-x (6.1-2, 6.1-4 and 6.1-5); 7.0-x (7.0-7, 7.0-8, 7.0-9, 7.0-10); and 8.x (8.0, 8.1, 8.2 and 8.3.0-8.3.2) allows an authenticated user to inject arbitrary web script or HTML via non-sanitized parameters "refr...
Fortinet Fortiwlc 6.1-2
Fortinet Fortiwlc 6.1-4
Fortinet Fortiwlc 6.1-5
Fortinet Fortiwlc 7.0-7
Fortinet Fortiwlc 8.1
Fortinet Fortiwlc 8.2
Fortinet Fortiwlc 8.3.0
Fortinet Fortiwlc 8.3.1
Fortinet Fortiwlc 8.3.2
Fortinet Fortiwlc 7.0-8
Fortinet Fortiwlc 7.0-10
Fortinet Fortiwlc 7.0-9
Fortinet Fortiwlc 8.0
5
CVSSv3
CVE-2023-45586
An insufficient verification of data authenticity vulnerability [CWE-345] in Fortinet FortiOS SSL-VPN tunnel mode version 7.4.0 up to and including 7.4.1, version 7.2.0 up to and including 7.2.7 and prior to 7.0.12 & FortiProxy SSL-VPN tunnel mode version 7.4.0 up to and incl...
Fortinet Fortiproxy
Fortinet Fortiproxy 7.4.0
Fortinet Fortiproxy 7.4.1
Fortinet Fortios 7.4.0
Fortinet Fortios 7.4.1
Fortinet Fortios
6.5
CVSSv3
CVE-2023-25609
A server-side request forgery (SSRF) vulnerability [CWE-918] in FortiManager and FortiAnalyzer GUI 7.2.0 up to and including 7.2.1, 7.0.0 up to and including 7.0.6, 6.4.8 up to and including 6.4.11 may allow a remote and authenticated malicious user to access unauthorized files a...
Fortinet Fortimanager 7.2.0
Fortinet Fortianalyzer 7.2.0
Fortinet Fortianalyzer 7.2.1
Fortinet Fortimanager 7.2.1
Fortinet Fortimanager
Fortinet Fortianalyzer
4.3
CVSSv3
CVE-2023-29178
A access of uninitialized pointer vulnerability [CWE-824] in Fortinet FortiProxy version 7.2.0 up to and including 7.2.3 and prior to 7.0.9 and FortiOS version 7.2.0 up to and including 7.2.4 and prior to 7.0.11 allows an authenticated malicious user to repetitively crash the htt...
Fortinet Fortiproxy
Fortinet Fortiproxy 7.2.0
Fortinet Fortiproxy 7.2.1
Fortinet Fortios
Fortinet Fortiproxy 7.2.2
Fortinet Fortiproxy 7.2.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »