Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortios vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2023-33307
A null pointer dereference in Fortinet FortiOS prior to 7.2.5 and prior to 7.0.11, FortiProxy prior to 7.2.3 and prior to 7.0.9 allows malicious user to denial of sslvpn service via specifically crafted request in network parameter.
Fortinet Fortios
Fortinet Fortiproxy
6.7
CVSSv3
CVE-2021-44170
A stack-based buffer overflow vulnerability [CWE-121] in the command line interpreter of FortiOS prior to 7.0.4 and FortiProxy prior to 2.0.8 may allow an authenticated malicious user to execute unauthorized code or commands via specially crafted command line arguments.
Fortinet Fortiproxy
Fortinet Fortios
6.5
CVSSv3
CVE-2019-17656
A Stack-based Buffer Overflow vulnerability in the HTTPD daemon of FortiOS 6.0.10 and below, 6.2.2 and below and FortiProxy 1.0.x, 1.1.x, 1.2.9 and below, 2.0.0 and below may allow an authenticated remote malicious user to crash the service by sending a malformed PUT request to t...
Fortinet Fortiproxy
Fortinet Fortios
9.8
CVSSv3
CVE-2016-6909
Buffer overflow in the Cookie parser in Fortinet FortiOS 4.x prior to 4.1.11, 4.2.x prior to 4.2.13, and 4.3.x prior to 4.3.9 and FortiSwitch prior to 3.4.3 allows remote malicious users to execute arbitrary code via a crafted HTTP request, aka EGREGIOUSBLUNDER.
Fortinet Fortios
Fortinet Fortiswitch
1 EDB exploit
7.4
CVSSv3
CVE-2022-39948
An improper certificate validation vulnerability [CWE-295] in FortiOS 7.2.0 up to and including 7.2.3, 7.0.0 up to and including 7.0.7, 6.4 all versions, 6.2 all versions, 6.0 all versions and FortiProxy 7.0.0 up to and including 7.0.6, 2.0 all versions, 1.2 all versions may allo...
Fortinet Fortiproxy
Fortinet Fortios
6
CVSSv3
CVE-2022-38378
An improper privilege management vulnerability [CWE-269] in Fortinet FortiOS version 7.2.0 and prior to 7.0.7 and FortiProxy version 7.2.0 up to and including 7.2.1 and prior to 7.0.7 allows an attacker that has access to the admin profile section (System subsection Administrator...
Fortinet Fortiproxy
Fortinet Fortios
6.7
CVSSv3
CVE-2023-28002
An improper validation of integrity check value vulnerability [CWE-354] in FortiOS 7.2.0 up to and including 7.2.3, 7.0.0 up to and including 7.0.12, 6.4 all versions, 6.2 all versions, 6.0 all versions and FortiProxy 7.2 all versions, 7.0 all versions, 2.0 all versions VMs may a...
Fortinet Fortios
Fortinet Fortiproxy
6.1
CVSSv3
CVE-2021-43081
An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiOS version 7.0.3 and below, 6.4.8 and below, 6.2.10 and below, 6.0.14 to 6.0.0. and in FortiProxy version 7.0.1 and below, 2.0.7 to 2.0.0 web filter override form may allow an unauthenti...
Fortinet Fortios
Fortinet Fortiproxy
4.3
CVSSv3
CVE-2021-43206
A server-generated error message containing sensitive information in Fortinet FortiOS 7.0.0 up to and including 7.0.3, 6.4.0 up to and including 6.4.8, 6.2.x, 6.0.x and FortiProxy 7.0.0 up to and including 7.0.1, 2.0.x allows malicious webservers to retrieve a web proxy's cl...
Fortinet Fortios
Fortinet Fortiproxy
8.8
CVSSv3
CVE-2022-43947
An improper restriction of excessive authentication attempts vulnerability [CWE-307] in Fortinet FortiOS version 7.2.0 up to and including 7.2.3 and prior to 7.0.10, FortiProxy version 7.2.0 up to and including 7.2.2 and prior to 7.0.8 administrative interface allows an attacker ...
Fortinet Fortiproxy
Fortinet Fortios
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »