Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortiwan 4.2.5 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-33869
An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in the management interface of FortiWAN 4.0.0 up to and including 4.5.9 may allow an authenticated malicious user to execute unauthorized commands via specifically crafted arguments to exi...
Fortinet Fortiwan 4.4.1
Fortinet Fortiwan 4.4.0
Fortinet Fortiwan 4.3.1
Fortinet Fortiwan 4.3.0
Fortinet Fortiwan 4.2.7
Fortinet Fortiwan 4.2.6
Fortinet Fortiwan 4.2.5
Fortinet Fortiwan 4.2.2
Fortinet Fortiwan 4.2.1
Fortinet Fortiwan 4.1.3
Fortinet Fortiwan 4.1.2
Fortinet Fortiwan 4.1.1
Fortinet Fortiwan
9
CVSSv2
CVE-2016-4965
Fortinet FortiWan (formerly AscernLink) prior to 4.2.5 allows remote authenticated users with access to the nslookup functionality to execute arbitrary commands with root privileges via the graph parameter to diagnosis_control.php.
Fortinet Fortiwan
4
CVSSv2
CVE-2016-4966
The diagnosis_control.php page in Fortinet FortiWan (formerly AscernLink) prior to 4.2.5 allows remote authenticated users to download PCAP files via vectors related to the UserName GET parameter.
Fortinet Fortiwan
4
CVSSv2
CVE-2016-4968
The linkreport/tmp/admin_global page in Fortinet FortiWan (formerly AscernLink) prior to 4.2.5 allows remote authenticated users to discover administrator cookies via a GET request.
Fortinet Fortiwan
4.3
CVSSv2
CVE-2016-4969
Cross-site scripting (XSS) vulnerability in Fortinet FortiWan (formerly AscernLink) prior to 4.2.5 allows remote malicious users to inject arbitrary web script or HTML via the IP parameter to script/statistics/getconn.php.
Fortinet Fortiwan
4
CVSSv2
CVE-2016-4967
Fortinet FortiWan (formerly AscernLink) prior to 4.2.5 allows remote authenticated users to obtain sensitive information from (1) a backup of the device configuration via script/cfg_show.php or (2) PCAP files via script/system/tcpdump.php.
Fortinet Fortiwan
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started