Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet vulnerabilities and exploits
(subscribe to this query)
578
VMScore
CVE-2021-36180
Multiple improper neutralization of special elements used in a command vulnerabilities [CWE-77] in FortiWeb management interface 6.4.1 and below, 6.3.15 and below, 6.2.5 and below may allow an authenticated malicious user to execute unauthorized code or commands via crafted param...
Fortinet Fortiweb 6.4.0
Fortinet Fortiweb
Fortinet Fortiweb 6.4.1
Fortinet Fortiweb 5.9.0
Fortinet Fortiweb 5.9.1
Fortinet Fortiweb 6.1.0
Fortinet Fortiweb 6.1.1
NA
CVE-2022-42471
An improper neutralization of CRLF sequences in HTTP headers ('HTTP Response Splitting') vulnerability [CWE-113] In FortiWeb version 7.0.0 up to and including 7.0.2, FortiWeb version 6.4.0 up to and including 6.4.2, FortiWeb version 6.3.6 up to and including 6.3.20 may ...
Fortinet Fortiweb 6.4.0
Fortinet Fortiweb 6.4.1
Fortinet Fortiweb 6.4.2
Fortinet Fortiweb 7.0.0
Fortinet Fortiweb 7.0.1
Fortinet Fortiweb 7.0.2
Fortinet Fortiweb
685
VMScore
CVE-2013-6826
cgi-bin/module//sysmanager/admin/SYSAdminUserDialog in Fortinet FortiAnalyzer prior to 5.0.5 does not properly validate the csrf_token parameter, which allows remote malicious users to perform cross-site request forgery (CSRF) attacks.
Fortinet Fortianalyzer Firmware
Fortinet Fortianalyzer-2000b -
Fortinet Fortianalyzer-200d -
Fortinet Fortianalyzer-4000b -
Fortinet Fortianalyzer-3000d -
Fortinet Fortianalyzer-1000d -
Fortinet Fortianalyzer-300d -
1 EDB exploit
383
VMScore
CVE-2016-3194
Cross-site scripting (XSS) vulnerability in the address added page in Fortinet FortiManager 5.x prior to 5.0.12 and 5.2.x prior to 5.2.6 and FortiAnalyzer 5.x prior to 5.0.13 and 5.2.x prior to 5.2.6 allows remote malicious users to inject arbitrary web script or HTML via unspeci...
Fortinet Fortimanager Firmware 5.0.0
Fortinet Fortimanager Firmware 5.0.7
Fortinet Fortimanager Firmware 5.0.8
Fortinet Fortimanager Firmware 5.0.9
Fortinet Fortimanager Firmware 5.2.5
Fortinet Fortimanager Firmware 5.2.0
Fortinet Fortimanager Firmware 5.0.1
Fortinet Fortimanager Firmware 5.0.2
Fortinet Fortimanager Firmware 5.0.10
Fortinet Fortimanager Firmware 5.0.11
Fortinet Fortimanager Firmware 5.0.5
Fortinet Fortimanager Firmware 5.0.6
Fortinet Fortimanager Firmware 5.2.3
Fortinet Fortimanager Firmware 5.2.4
Fortinet Fortimanager Firmware 5.0.3
Fortinet Fortimanager Firmware 5.0.4
Fortinet Fortimanager Firmware 5.2.1
Fortinet Fortimanager Firmware 5.2.2
Fortinet Fortianalyzer Firmware 5.0.7
Fortinet Fortianalyzer Firmware 5.0.8
Fortinet Fortianalyzer Firmware 5.2.2
Fortinet Fortianalyzer Firmware 5.2.3
383
VMScore
CVE-2016-3195
Cross-site scripting (XSS) vulnerability in the Web-UI in Fortinet FortiManager 5.x prior to 5.0.12 and 5.2.x prior to 5.2.6 and FortiAnalyzer 5.x prior to 5.0.13 and 5.2.x prior to 5.2.6 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors...
Fortinet Fortimanager Firmware 5.0.6
Fortinet Fortimanager Firmware 5.0.7
Fortinet Fortimanager Firmware 5.2.4
Fortinet Fortimanager Firmware 5.2.5
Fortinet Fortimanager Firmware 5.0.0
Fortinet Fortimanager Firmware 5.0.1
Fortinet Fortimanager Firmware 5.0.8
Fortinet Fortimanager Firmware 5.0.9
Fortinet Fortimanager Firmware 5.2.0
Fortinet Fortimanager Firmware 5.0.2
Fortinet Fortimanager Firmware 5.0.3
Fortinet Fortimanager Firmware 5.0.10
Fortinet Fortimanager Firmware 5.0.11
Fortinet Fortimanager Firmware 5.0.4
Fortinet Fortimanager Firmware 5.0.5
Fortinet Fortimanager Firmware 5.2.1
Fortinet Fortimanager Firmware 5.2.2
Fortinet Fortimanager Firmware 5.2.3
Fortinet Fortianalyzer Firmware 5.0.6
Fortinet Fortianalyzer Firmware 5.0.7
Fortinet Fortianalyzer Firmware 5.2.1
Fortinet Fortianalyzer Firmware 5.2.2
312
VMScore
CVE-2017-7335
A Cross-Site Scripting (XSS) vulnerability in Fortinet FortiWLC 6.1-x (6.1-2, 6.1-4 and 6.1-5); 7.0-x (7.0-7, 7.0-8, 7.0-9, 7.0-10); and 8.x (8.0, 8.1, 8.2 and 8.3.0-8.3.2) allows an authenticated user to inject arbitrary web script or HTML via non-sanitized parameters "refr...
Fortinet Fortiwlc 6.1-2
Fortinet Fortiwlc 6.1-4
Fortinet Fortiwlc 6.1-5
Fortinet Fortiwlc 7.0-7
Fortinet Fortiwlc 8.1
Fortinet Fortiwlc 8.2
Fortinet Fortiwlc 8.3.0
Fortinet Fortiwlc 8.3.1
Fortinet Fortiwlc 8.3.2
Fortinet Fortiwlc 7.0-8
Fortinet Fortiwlc 7.0-10
Fortinet Fortiwlc 7.0-9
Fortinet Fortiwlc 8.0
NA
CVE-2023-29178
A access of uninitialized pointer vulnerability [CWE-824] in Fortinet FortiProxy version 7.2.0 up to and including 7.2.3 and prior to 7.0.9 and FortiOS version 7.2.0 up to and including 7.2.4 and prior to 7.0.11 allows an authenticated malicious user to repetitively crash the htt...
Fortinet Fortiproxy
Fortinet Fortiproxy 7.2.0
Fortinet Fortiproxy 7.2.1
Fortinet Fortios
Fortinet Fortiproxy 7.2.2
Fortinet Fortiproxy 7.2.3
NA
CVE-2022-22302
A clear text storage of sensitive information (CWE-312) vulnerability in both FortiGate version 6.4.0 up to and including 6.4.1, 6.2.0 up to and including 6.2.9 and 6.0.0 up to and including 6.0.13 and FortiAuthenticator version 5.5.0 and all versions of 6.1 and 6.0 may allow a l...
Fortinet Fortios 6.4.0
Fortinet Fortios
Fortinet Fortiauthenticator 6.1.0
Fortinet Fortios 6.4.1
Fortinet Fortiauthenticator 5.5.0
Fortinet Fortiauthenticator
NA
CVE-2023-44253
An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in Fortinet FortiManager version 7.4.0 up to and including 7.4.1 and prior to 7.2.5, FortiAnalyzer version 7.4.0 up to and including 7.4.1 and prior to 7.2.5 and FortiAnalyzer-BigData prior to 7...
Fortinet Fortianalyzer
Fortinet Fortimanager
Fortinet Fortianalyzer 7.4.0
Fortinet Fortimanager 7.4.0
Fortinet Fortimanager 7.4.1
Fortinet Fortianalyzer 7.4.1
NA
CVE-2023-25609
A server-side request forgery (SSRF) vulnerability [CWE-918] in FortiManager and FortiAnalyzer GUI 7.2.0 up to and including 7.2.1, 7.0.0 up to and including 7.0.6, 6.4.8 up to and including 6.4.11 may allow a remote and authenticated malicious user to access unauthorized files a...
Fortinet Fortimanager 7.2.0
Fortinet Fortianalyzer 7.2.0
Fortinet Fortianalyzer 7.2.1
Fortinet Fortimanager 7.2.1
Fortinet Fortimanager
Fortinet Fortianalyzer
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »