Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2021-43074
An improper verification of cryptographic signature vulnerability [CWE-347] in FortiWeb 6.4 all versions, 6.3.16 and below, 6.2 all versions, 6.1 all versions, 6.0 all versions; FortiOS 7.0.3 and below, 6.4.8 and below, 6.2 all versions, 6.0 all versions; FortiSwitch 7.0.3 and be...
Fortinet Fortios
Fortinet Fortiproxy
Fortinet Fortiswitch
Fortinet Fortiweb
6.5
CVSSv3
CVE-2022-27490
A exposure of sensitive information to an unauthorized actor in Fortinet FortiManager version 6.0.0 up to and including 6.0.4, FortiAnalyzer version 6.0.0 up to and including 6.0.4, FortiPortal version 6.0.0 up to and including 6.0.9, 5.3.0 up to and including 5.3.8, 5.2.x, 5.1.0...
Fortinet Fortiportal
Fortinet Fortimanager
Fortinet Fortianalyzer
Fortinet Fortiswitch
5.4
CVSSv3
CVE-2021-22131
A improper validation of certificate with host mismatch in Fortinet FortiTokenAndroid version 5.0.3 and below, Fortinet FortiTokeniOS version 5.2.0 and below, Fortinet FortiTokenWinApp version 4.0.3 and below allows malicious user to retrieve information disclosed via man-in-the-...
Fortinet Fortitoken Mobile 5.0.3
Fortinet Fortitoken Mobile 5.0.2
Fortinet Fortitoken Mobile 4.5.0
Fortinet Fortitoken Mobile 4.4.0
Fortinet Fortitoken Mobile 4.3.0
Fortinet Fortitoken Mobile 4.2.2
Fortinet Fortitoken Mobile 4.2.1
Fortinet Fortitoken Mobile 4.1.1
Fortinet Fortitoken Mobile 4.0.1
Fortinet Fortitoken Mobile 4.0.3
Fortinet Fortitoken Mobile 3.0.1
Fortinet Fortitoken Mobile 3.0.0
Fortinet Fortitoken Mobile 5.2.0
Fortinet Fortitoken Mobile 4.2.0
Fortinet Fortitoken Mobile 4.1.0
Fortinet Fortitoken Mobile 3.0.5
Fortinet Fortitoken Mobile 3.0.4
Fortinet Fortitoken Mobile 3.0.3
Fortinet Fortitoken Mobile 3.0.2
Fortinet Fortitoken Mobile 4.0.0
Fortinet Fortitoken Mobile 0.4.20
Fortinet Fortitoken Mobile 0.4.10
6.5
CVSSv3
CVE-2022-30300
A relative path traversal vulnerability [CWE-23] in FortiWeb 7.0.0 up to and including 7.0.1, 6.3.6 up to and including 6.3.18, 6.4 all versions may allow an authenticated malicious user to obtain unauthorized access to files and data via specifically crafted HTTP GET requests.
Fortinet Fortiweb 6.4.0
Fortinet Fortiweb 6.4.1
Fortinet Fortiweb 6.4.2
Fortinet Fortiweb 7.0.0
Fortinet Fortiweb 7.0.1
Fortinet Fortiweb
8.8
CVSSv3
CVE-2022-30303
An improper neutralization of special elements used in an os command ('OS Command Injection') [CWE-78] in FortiWeb 7.0.0 up to and including 7.0.1, 6.3.0 up to and including 6.3.19, 6.4 all versions may allow an authenticated malicious user to execute arbitrary shell co...
Fortinet Fortiweb 6.4.0
Fortinet Fortiweb 6.4.1
Fortinet Fortiweb 6.4.2
Fortinet Fortiweb 7.0.0
Fortinet Fortiweb 7.0.1
Fortinet Fortiweb
8.8
CVSSv3
CVE-2023-23779
Multiple improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerabilities [CWE-78] in FortiWeb version 7.0.1 and below, 6.4 all versions, version 6.3.19 and below may allow an authenticated malicious user to execute unauthorized...
Fortinet Fortiweb 6.4.0
Fortinet Fortiweb 6.4.1
Fortinet Fortiweb 6.4.2
Fortinet Fortiweb 7.0.0
Fortinet Fortiweb 7.0.1
Fortinet Fortiweb
NA
CVE-2014-8618
Cross-site scripting (XSS) vulnerability in the theme login page in Fortinet FortiADC D models prior to 4.2 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Fortinet Fortiadc Firmware
Fortinet Fortiadc-700d -
Fortinet Fortiadc-200d -
Fortinet Fortiadc-1500d -
Fortinet Fortiadc-2000d -
Fortinet Fortiadc-4000d -
7.2
CVSSv3
CVE-2022-33871
A stack-based buffer overflow vulnerability [CWE-121] in FortiWeb version 7.0.1 and previous versions, 6.4 all versions, version 6.3.19 and previous versions may allow a privileged malicious user to execute arbitrary code or commands via specifically crafted CLI `execute backup-l...
Fortinet Fortiweb 6.4.0
Fortinet Fortiweb 6.4.1
Fortinet Fortiweb 6.4.2
Fortinet Fortiweb 7.0.0
Fortinet Fortiweb 7.0.1
Fortinet Fortiweb
5.4
CVSSv3
CVE-2023-41673
An improper authorization vulnerability [CWE-285] in Fortinet FortiADC version 7.4.0 and prior to 7.2.2 may allow a low privileged user to read or backup the full system configuration via HTTP or HTTPS requests.
Fortinet Fortiadc
Fortinet Fortiadc 7.1.0
Fortinet Fortiadc 7.2.0
Fortinet Fortiadc 7.1.1
Fortinet Fortiadc 7.1.2
Fortinet Fortiadc 7.4.0
7.5
CVSSv3
CVE-2021-41014
A uncontrolled resource consumption in Fortinet FortiWeb version 6.4.1 and below, 6.3.15 and below allows an unauthenticated malicious user to make the httpsd daemon unresponsive via huge HTTP packets
Fortinet Fortiweb
Fortinet Fortiweb 6.1.0
Fortinet Fortiweb 6.1.1
Fortinet Fortiweb 6.1.2
Fortinet Fortiweb 6.4.0
Fortinet Fortiweb 6.4.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333
CVE-2024-33901
CVE-2024-36001
CVE-2024-2835
firewall
XPath injection
authentication bypass
CVE-2024-22120
CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »