Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortinet firewall vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-33308
A stack-based overflow vulnerability [CWE-124] in Fortinet FortiOS version 7.0.0 up to and including 7.0.10 and 7.2.0 up to and including 7.2.3 and FortiProxy version 7.0.0 up to and including 7.0.9 and 7.2.0 up to and including 7.2.2 allows a remote unauthenticated malicious use...
Fortinet Fortiproxy 7.2.0
Fortinet Fortiproxy 7.2.1
Fortinet Fortios
Fortinet Fortiproxy 7.2.2
Fortinet Fortiproxy
9.8
CVSSv3
CVE-2022-38381
An improper handling of malformed request vulnerability [CWE-228] exists in FortiADC 5.0 all versions, 6.0.0 all versions, 6.1.0 all versions, 6.2.0 up to and including 6.2.3, and 7.0.0 up to and including 7.0.2. This may allow a remote attacker without privileges to bypass some ...
Fortinet Fortiadc
9.8
CVSSv3
CVE-2022-40684
An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version 7.2.0 up to and including 7.2.1 and 7.0.0 up to and including 7.0.6, FortiProxy version 7.2.0 and version 7.0.0 up to and including 7.0.6 and FortiSwitchManager version 7.2.0 and 7.0...
Fortinet Fortiswitchmanager 7.0.0
Fortinet Fortiswitchmanager 7.2.0
Fortinet Fortiproxy 7.2.0
Fortinet Fortiproxy
Fortinet Fortios
1 Metasploit module
30 Github repositories
2 Articles
9.6
CVSSv3
CVE-2021-26088
An improper authentication vulnerability in FSSO Collector version 5.0.295 and below may allow an unauthenticated user to bypass a FSSO firewall policy and access the protected network via sending specifically crafted UDP login notification packets.
Fortinet Fortinet Single Sign-on
1 Github repository
6.1
CVSSv3
CVE-2017-3127
A Cross-Site Scripting vulnerability in Fortinet FortiGate 5.2.0 up to and including 5.2.10 allows malicious user to execute unauthorized code or commands via the srcintf parameter during Firewall Policy Creation.
Fortinet Fortios 5.2.7
Fortinet Fortios 5.2.9
Fortinet Fortios 5.2.1
Fortinet Fortios 5.2.10
Fortinet Fortios 5.2.6
Fortinet Fortios 5.2.4
Fortinet Fortios 5.2.3
Fortinet Fortios 5.2.5
Fortinet Fortios 5.2.0
Fortinet Fortios 5.2.2
Fortinet Fortios 5.2.8
5.3
CVSSv3
CVE-2023-47536
An improper access control vulnerability [CWE-284] in FortiOS version 7.2.0, version 7.0.13 and below, version 6.4.14 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below may allow a remote unauthenticated malicious user to bypass th...
Fortinet Fortios 7.2.0
Fortinet Fortiproxy
Fortinet Fortios
5.3
CVSSv3
CVE-2023-41675
A use after free vulnerability [CWE-416] in FortiOS version 7.2.0 up to and including 7.2.4 and version 7.0.0 up to and including 7.0.10 and FortiProxy version 7.2.0 up to and including 7.2.2 and version 7.0.0 up to and including 7.0.8 may allow an unauthenticated remote maliciou...
Fortinet Fortiproxy 7.2.0
Fortinet Fortiproxy 7.2.1
Fortinet Fortiproxy
Fortinet Fortios
Fortinet Fortiproxy 7.2.2
NA
CVE-2013-7182
Cross-site scripting (XSS) vulnerability in firewall/schedule/recurrdlg in Fortinet FortiOS 5.0.5 allows remote malicious users to inject arbitrary web script or HTML via the mkey parameter.
Fortinet Fortios 5.0.5
NA
CVE-2013-1414
Multiple cross-site request forgery (CSRF) vulnerabilities in Fortinet FortiOS on FortiGate firewall devices prior to 4.3.13 and 5.x prior to 5.0.2 allow remote malicious users to hijack the authentication of administrators for requests that modify (1) settings or (2) policies, o...
Fortinet Fortios
Fortinet Fortios 4.3.10
Fortinet Fortios 5.0
Fortinet Fortios 5.0.1
Fortinet Fortigate-1000c -
Fortinet Fortigate-100d -
Fortinet Fortigate-110c -
Fortinet Fortigate-1240b -
Fortinet Fortigate-200b -
Fortinet Fortigate-20c -
Fortinet Fortigate-300c -
Fortinet Fortigate-3040b -
Fortinet Fortigate-310b -
Fortinet Fortigate-311b -
Fortinet Fortigate-3140b -
Fortinet Fortigate-3240c -
Fortinet Fortigate-3810a -
Fortinet Fortigate-3950b -
Fortinet Fortigate-40c -
Fortinet Fortigate-5001a-sw -
Fortinet Fortigate-5001b -
Fortinet Fortigate-5020 -
1 EDB exploit
NA
CVE-2005-4570
The Internet Key Exchange version 1 (IKEv1) implementations in Fortinet FortiOS 2.50, 2.80 and 3.0, FortiClient 2.0,; and FortiManager 2.80 and 3.0 allow remote malicious users to cause a denial of service (termination of a process that is automatically restarted) via IKE packets...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »