Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

fortinet fortios 7.4.1 vulnerabilities and exploits

(subscribe to this query)
8.8
CVSSv3

CVE-2023-44250

An improper privilege management vulnerability [CWE-269] in a Fortinet FortiOS HA cluster version 7.4.0 up to and including 7.4.1 and 7.2.5 and in a FortiProxy HA cluster version 7.4.0 up to and including 7.4.1 allows an authenticated malicious user to perform elevated actions vi...
Fortinet FortiosFortinet FortiproxyFortinet Fortiproxy 7.4.0Fortinet Fortiproxy 7.4.1Fortinet Fortios 7.2.5Fortinet Fortios 7.4.0Fortinet Fortios 7.4.1
5
CVSSv3

CVE-2023-45586

An insufficient verification of data authenticity vulnerability [CWE-345] in Fortinet FortiOS SSL-VPN tunnel mode version 7.4.0 up to and including 7.4.1, version 7.2.0 up to and including 7.2.7 and prior to 7.0.12 & FortiProxy SSL-VPN tunnel mode version 7.4.0 up to and incl...
Fortinet Fortios 7.4.0Fortinet Fortios 7.2.0Fortinet Fortiproxy 7.4.0Fortinet Fortios 7.0.0Fortinet Fortios 6.4.0Fortinet Fortios 6.2.0Fortinet Fortiproxy 7.2.0Fortinet Fortiproxy 7.0.0Fortinet Fortiproxy 2.0.0Fortinet FortiproxyFortinet FortiosFortinet Fortiproxy 7.4.1
4.8
CVSSv3

CVE-2023-47537

An improper certificate validation vulnerability in Fortinet FortiOS 7.0.0 - 7.0.13, 7.2.0 - 7.2.6, 7.4.0 - 7.4.1 and 6.4 all versions allows a remote and unauthenticated malicious user to perform a Man-in-the-Middle attack on the FortiLink communication channel between the Forti...
Fortinet FortiosFortinet Fortios 7.4.0Fortinet Fortios 7.4.1
7.2
CVSSv3

CVE-2023-46714

A stack-based buffer overflow [CWE-121] vulnerability in Fortinet FortiOS version 7.2.1 up to and including 7.2.6 and version 7.4.0 up to and including 7.4.1 allows a privileged attacker over the administrative interface to execute arbitrary code or commands via crafted HTTP or H...
Fortinet Fortios 7.2.1Fortinet Fortios 7.4.0Fortinet FortiosFortinet Fortios 7.4.1
9.8
CVSSv3

CVE-2023-42789

A out-of-bounds write in Fortinet FortiOS 7.4.0 up to and including 7.4.1, 7.2.0 up to and including 7.2.5, 7.0.0 up to and including 7.0.12, 6.4.0 up to and including 6.4.14, 6.2.0 up to and including 6.2.15, FortiProxy 7.4.0, 7.2.0 up to and including 7.2.6, 7.0.0 up to and inc...
Fortinet FortiosFortinet FortipamFortinet FortiproxyFortinet Fortiproxy 7.4.0Fortinet Fortios 7.4.0Fortinet Fortios 7.4.1
3.7
CVSSv3

CVE-2024-46665

An insertion of sensitive information into sent data vulnerability [CWE-201] in FortiOS 7.6.0, 7.4.0 up to and including 7.4.4 may allow an attacker in a man-in-the-middle position to retrieve the RADIUS accounting server shared secret via intercepting accounting-requests.
Fortinet Fortios 7.6.0Fortinet Fortios 7.4.4Fortinet Fortios 7.4.3Fortinet Fortios 7.4.2Fortinet Fortios 7.4.1Fortinet Fortios 7.4.0Fortinet Fortios
8.1
CVSSv3

CVE-2024-35279

A stack-based buffer overflow [CWE-121] vulnerability in Fortinet FortiOS version 7.2.4 up to and including 7.2.8 and version 7.4.0 up to and including 7.4.4 allows a remote unauthenticated malicious user to execute arbitrary code or commands via crafted UDP packets through the C...
Fortinet Fortios 7.4.4Fortinet Fortios 7.4.3Fortinet Fortios 7.4.2Fortinet Fortios 7.4.1Fortinet Fortios 7.4.0Fortinet Fortios 7.2.8Fortinet Fortios 7.2.7Fortinet Fortios 7.2.6Fortinet Fortios 7.2.5Fortinet Fortios 7.2.4Fortinet Fortios
9.8
CVSSv3

CVE-2024-54021

An improper neutralization of crlf sequences in http headers ('http response splitting') in Fortinet FortiOS 7.2.0 up to and including 7.6.0, FortiProxy 7.2.0 up to and including 7.4.5 allows malicious user to execute unauthorized code or commands via crafted HTTP heade...
Fortinet Fortios 7.6.0Fortinet Fortios 7.4.4Fortinet Fortios 7.4.3Fortinet Fortios 7.4.2Fortinet Fortios 7.4.1Fortinet Fortios 7.4.0Fortinet Fortios 7.2.8Fortinet Fortios 7.2.7Fortinet Fortios 7.2.6Fortinet Fortios 7.2.5Fortinet Fortios 7.2.4Fortinet Fortios 7.2.3
6.5
CVSSv3

CVE-2024-46669

An Integer Overflow or Wraparound vulnerability [CWE-190] in version 7.4.4 and below, version 7.2.10 and below; FortiSASE version 23.4.b FortiOS tenant IPsec IKE service may allow an authenticated malicious user to crash the IPsec tunnel via crafted requests, resulting in potenti...
Fortinet Fortios 7.4.4Fortinet Fortios 7.4.3Fortinet Fortios 7.4.2Fortinet Fortios 7.4.1Fortinet Fortios 7.4.0Fortinet Fortios 7.2.10Fortinet Fortios 7.2.9Fortinet Fortios 7.2.8Fortinet Fortios 7.2.7Fortinet Fortios 7.2.6Fortinet Fortios 7.2.5Fortinet Fortios 7.2.4
9.1
CVSSv3

CVE-2024-48884

A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiManager versions 7.6.0 up to and including 7.6.1, 7.4.1 up to and including 7.4.3, FortiOS versions 7.6.0, 7.4.0 up to and including 7.4.4, 7.2.5 up to and including 7.2.9,...
Fortinet Fortimanager 7.6.1Fortinet Fortimanager 7.6.0Fortinet Fortimanager 7.4.3Fortinet Fortimanager 7.4.2Fortinet Fortimanager 7.4.1Fortinet Fortios 7.6.0Fortinet Fortios 7.4.4Fortinet Fortios 7.4.3Fortinet Fortios 7.4.2Fortinet Fortios 7.4.1Fortinet Fortios 7.4.0Fortinet Fortios 7.2.9
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
local file inclusionhard-codedCVE-2025-37899CVE-2025-46487CVE-2025-46474dnn.platformCVE-2025-47646school managementwordpress social login and registerreflected XSSCVE-2025-48735CVE-2025-4664zentaopms
Home
/
Search Results
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook