Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortios vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2023-33305
A loop with unreachable exit condition ('infinite loop') in Fortinet FortiOS version 7.2.0 up to and including 7.2.4, FortiOS version 7.0.0 up to and including 7.0.10, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0 all versions, FortiProxy version 7.2.0...
Fortinet Fortiproxy
Fortinet Fortios
Fortinet Fortiweb
Fortinet Fortiweb 7.2.0
Fortinet Fortiweb 7.2.1
6.5
CVSSv3
CVE-2023-26207
An insertion of sensitive information into log file vulnerability in Fortinet FortiOS 7.2.0 up to and including 7.2.4 and FortiProxy 7.0.0 up to and including 7.0.10. 7.2.0 up to and including 7.2.1 allows an malicious user to read certain passwords in plain text.
Fortinet Fortiproxy 7.2.0
Fortinet Fortiproxy 7.2.1
Fortinet Fortios
Fortinet Fortiproxy
6.5
CVSSv3
CVE-2022-45861
An access of uninitialized pointer vulnerability [CWE-824] in the SSL VPN portal of Fortinet FortiOS version 7.2.0 up to and including 7.2.3, version 7.0.0 up to and including 7.0.9 and prior to 6.4.11 and FortiProxy version 7.2.0 up to and including 7.2.1, version 7.0.0 up to an...
Fortinet Fortiproxy
Fortinet Fortiproxy 7.2.0
Fortinet Fortios
Fortinet Fortiproxy 7.2.1
Fortinet Fortiproxy 1.1.5
Fortinet Fortiproxy 1.1.6
6.5
CVSSv3
CVE-2021-41019
An improper validation of certificate with host mismatch [CWE-297] vulnerability in FortiOS versions 6.4.6 and below may allow the connection to a malicious LDAP server via options in GUI, leading to disclosure of sensitive information, such as AD credentials.
Fortinet Fortios
6.5
CVSSv3
CVE-2019-17656
A Stack-based Buffer Overflow vulnerability in the HTTPD daemon of FortiOS 6.0.10 and below, 6.2.2 and below and FortiProxy 1.0.x, 1.1.x, 1.2.9 and below, 2.0.0 and below may allow an authenticated remote malicious user to crash the service by sending a malformed PUT request to t...
Fortinet Fortiproxy
Fortinet Fortios
6.5
CVSSv3
CVE-2020-6648
A cleartext storage of sensitive information vulnerability in FortiOS command line interface in versions 6.2.4 and previous versions and FortiProxy 2.0.0, 1.2.9 and previous versions may allow an authenticated malicious user to obtain sensitive information such as users passwords...
Fortinet Fortios
Fortinet Fortiproxy 2.0.0
Fortinet Fortiproxy
6.5
CVSSv3
CVE-2019-5591
A Default Configuration vulnerability in FortiOS may allow an unauthenticated attacker on the same subnet to intercept sensitive information by impersonating the LDAP server.
Fortinet Fortios
1 Article
6.5
CVSSv3
CVE-2019-6693
Use of a hard-coded cryptographic key to cipher sensitive data in FortiOS configuration backup file may allow an attacker with access to the backup file to decipher the sensitive data, via knowledge of the hard-coded key. The aforementioned sensitive data includes users' pas...
Fortinet Fortios
Fortinet Fortios 6.2.0
3 Github repositories
6.5
CVSSv3
CVE-2019-5587
Lack of root file system integrity checking in Fortinet FortiOS VM application images all versions below 6.0.5 may allow malicious user to implant malicious programs into the installing image by reassembling the image through specific methods.
Fortinet Fortios
6.5
CVSSv3
CVE-2018-13383
A heap buffer overflow in Fortinet FortiOS 6.0.0 up to and including 6.0.4, 5.6.0 up to and including 5.6.10, 5.4.0 up to and including 5.4.12, 5.2.14 and previous versions and FortiProxy 2.0.0, 1.2.8 and previous versions in the SSL VPN web portal may cause the SSL VPN web servi...
Fortinet Fortiproxy
Fortinet Fortiproxy 2.0.0
Fortinet Fortios
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »