Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet vulnerabilities and exploits
(subscribe to this query)
756
VMScore
CVE-2021-42753
An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability [CWE-22] in FortiWeb management interface 6.4.1 and below, 6.3.15 and below, 6.2.x, 6.1.x, 6.0.x, 5.9.x and 5.8.x may allow an authenticated malicious user to perform an arbi...
Fortinet Fortiweb
756
VMScore
CVE-2019-15709
An improper input validation in FortiAP-S/W2 6.2.0 to 6.2.2, 6.0.5 and below, FortiAP-U 6.0.1 and below CLI admin console may allow unauthorized administrators to overwrite system files via specially crafted tcpdump commands in the CLI.
Fortinet Fortiap-s
Fortinet Fortiap-w2
Fortinet Fortiap-u
755
VMScore
CVE-2015-2281
Stack-based buffer overflow in collectoragent.exe in Fortinet Single Sign On (FSSO) before build 164 allows remote malicious users to execute arbitrary code via a large PROCESS_HELLO message to the Message Dispatcher on TCP port 8000.
Fortinet Single Sign On 4.3
1 EDB exploit
755
VMScore
CVE-2008-7161
Fortinet FortiGuard Fortinet FortiGate-1000 3.00 build 040075,070111 allows remote malicious users to bypass URL filtering via fragmented GET or POST requests that use HTTP/1.0 without the Host header. NOTE: this issue might be related to CVE-2005-3058.
Fortinet Fortigate-1000 3.00
1 EDB exploit
755
VMScore
CVE-2005-3058
Interpretation conflict in Fortinet FortiGate 2.8, running FortiOS 2.8MR10 and v3beta, allows remote malicious users to bypass the URL blocker via an (1) HTTP request terminated with a line feed (LF) and not carriage return line feed (CRLF) or (2) HTTP request with no Host field,...
Fortinet Fortios
Fortinet Fortigate 2.8
1 EDB exploit
736
VMScore
CVE-2015-5736
The Fortishield.sys driver in Fortinet FortiClient prior to 5.2.4 allows local users to execute arbitrary code with kernel privileges by setting the callback function in a (1) 0x220024 or (2) 0x220028 ioctl call.
Fortinet Forticlient
3 EDB exploits
3 Github repositories
703
VMScore
CVE-2021-22127
An improper input validation vulnerability in FortiClient for Linux 6.4.x prior to 6.4.3, FortiClient for Linux 6.2.x prior to 6.2.9 may allow an unauthenticated malicious user to execute arbitrary code on the host operating system as root via tricking the user into connecting to...
Fortinet Forticlient
694
VMScore
CVE-2021-22124
An uncontrolled resource consumption (denial of service) vulnerability in the login modules of FortiSandbox 3.2.0 up to and including 3.2.2, 3.1.0 up to and including 3.1.4, and 3.0.0 up to and including 3.0.6; and FortiAuthenticator prior to 6.0.6 may allow an unauthenticated ma...
Fortinet Fortiauthenticator
Fortinet Fortisandbox
694
VMScore
CVE-2015-1452
The Control and Provisioning of Wireless Access Points (CAPWAP) daemon in Fortinet FortiOS 5.0 Patch 7 build 4457 allows remote malicious users to cause a denial of service (locked CAPWAP Access Controller) via a large number of ClientHello DTLS messages.
Fortinet Fortios 5.0.7
694
VMScore
CVE-2005-4570
The Internet Key Exchange version 1 (IKEv1) implementations in Fortinet FortiOS 2.50, 2.80 and 3.0, FortiClient 2.0,; and FortiManager 2.80 and 3.0 allow remote malicious users to cause a denial of service (termination of a process that is automatically restarted) via IKE packets...
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-3611
CVE-2024-4947
CVE-2024-32988
CVE-2020-35165
local file inclusion
CVE-2024-4980
bypass
malicious code
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »