Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

fortinac vulnerabilities and exploits

(subscribe to this query)
6.7
CVSSv3

CVE-2021-41021

A privilege escalation vulnerability in FortiNAC versions 8.8.8 and below and 9.1.2 and below may allow an admin user to escalate the privileges to root via the sudo command.
Fortinet Fortinac 8.8.0Fortinet Fortinac 8.8.1Fortinet Fortinac 8.8.2Fortinet Fortinac 8.8.3Fortinet Fortinac 8.8.4Fortinet Fortinac 8.8.5Fortinet Fortinac 8.8.6Fortinet Fortinac 8.8.7Fortinet Fortinac 8.8.8Fortinet Fortinac 9.1.0Fortinet Fortinac 9.1.1Fortinet Fortinac 9.1.2
9.8
CVSSv3

CVE-2023-33299

A deserialization of untrusted data in Fortinet FortiNAC below 7.2.1, below 9.4.3, below 9.2.8 and all earlier versions of 8.x allows malicious user to execute unauthorized code or commands via specifically crafted request on inter-server communication port. Note FortiNAC version...
Fortinet FortinacFortinet Fortinac 7.2.0Fortinet Fortinac 7.2.1Fortinet Fortinac 8.3.7Fortinet Fortinac 9.4.0Fortinet Fortinac 9.4.1Fortinet Fortinac 9.4.2
8.8
CVSSv3

CVE-2022-26117

An empty password in configuration file vulnerability [CWE-258] in FortiNAC version 8.3.7 and below, 8.5.2 and below, 8.5.4, 8.6.0, 8.6.5 and below, 8.7.6 and below, 8.8.11 and below, 9.1.5 and below, 9.2.3 and below may allow an authenticated malicious user to access the MySQL d...
Fortinet FortinacFortinet Fortinac 8.3.7Fortinet Fortinac 8.5.4Fortinet Fortinac 8.6.0
7.2
CVSSv3

CVE-2022-39946

An access control vulnerability [CWE-284] in FortiNAC version 9.4.2 and below, version 9.2.7 and below, 9.1 all versions, 8.8 all versions, 8.7 all versions, 8.6 all versions, 8.5 all versions may allow a remote attacker authenticated on the administrative interface to perform un...
Fortinet FortinacFortinet Fortinac 9.4.0Fortinet Fortinac 9.4.1Fortinet Fortinac 9.4.2
7.8
CVSSv3

CVE-2022-39953

A improper privilege management in Fortinet FortiNAC version 9.4.0 up to and including 9.4.1, FortiNAC version 9.2.0 up to and including 9.2.6, FortiNAC version 9.1.0 up to and including 9.1.8, FortiNAC all versions 8.8, FortiNAC all versions 8.7, FortiNAC all versions 8.6, Forti...
Fortinet FortinacFortinet Fortinac 8.3.7Fortinet Fortinac 9.4.0Fortinet Fortinac 9.4.1
5.4
CVSSv3

CVE-2023-22638

Several improper neutralization of inputs during web page generation vulnerability [CWE-79] in FortiNAC 9.4.1 and below, 9.2.6 and below, 9.1.8 and below, 8.8.11 and below, 8.7.6 and below, 8.6.5 and below, 8.5.4 and below, 8.3.7 and below may allow an authenticated malicious use...
Fortinet FortinacFortinet Fortinac 8.3.7Fortinet Fortinac 9.4.0Fortinet Fortinac 9.4.1
7.5
CVSSv3

CVE-2023-22633

An improper permissions, privileges, and access controls vulnerability [CWE-264] in FortiNAC-F 7.2.0, FortiNAC 9.4.1 and below, 9.2.6 and below, 9.1.8 and below, 8.8.0 all versions 8.7.0 all versions may allow an unauthenticated malicious user to perform a DoS attack on the devic...
Fortinet FortinacFortinet Fortinac 9.4.0Fortinet Fortinac 9.4.1Fortinet Fortinac-f 7.2.0
8.8
CVSSv3

CVE-2022-26116

Multiple improper neutralization of special elements used in SQL commands ('SQL Injection') vulnerability [CWE-89] in FortiNAC version 8.3.7 and below, 8.5.2 and below, 8.5.4, 8.6.0, 8.6.5 and below, 8.7.6 and below, 8.8.11 and below, 9.1.5 and below, 9.2.2 and below ma...
Fortinet FortinacFortinet Fortinac 8.5.4Fortinet Fortinac 8.6.0
8.8
CVSSv3

CVE-2022-40677

A improper neutralization of argument delimiters in a command ('argument injection') in Fortinet FortiNAC versions 9.4.0, 9.2.0 up to and including 9.2.5, 9.1.0 up to and including 9.1.7, 8.8.0 up to and including 8.8.11, 8.7.0 up to and including 8.7.6, 8.6.0 up to and...
Fortinet FortinacFortinet Fortinac 8.3.7Fortinet Fortinac 9.4.0
5.4
CVSSv3

CVE-2022-40676

A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiNAC versions 9.4.0, 9.2.0 up to and including 9.2.5, 9.1.0 up to and including 9.1.8, 8.8.0 up to and including 8.8.11, 8.7.0 up to and including 8.7.6, 8.6.0 up to a...
Fortinet FortinacFortinet Fortinac 8.3.7Fortinet Fortinac 9.4.0
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
CVE-2025-42599CVE-2025-3808phpgurukulinsecure direct object referenceCVE-2025-3840CVE-2025-43967men salon management systemdenial of servicevirtuemart component for joomlapritunlLFICVE-2025-32433CVE-2022-47112
Home
/
Search Results
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook