Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortios 7.2.5 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-45583
A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 up to and including 7.2.5, 7.0.0 up to and including 7.0.11, 2.0.0 up to and including 2.0.13, 1.2.0 up to and including 1.2.13, 1.1.0 up to and including 1.1.6 FortiPAM versions 1.1.0, 1.0.0 up to...
NA
CVE-2024-23662
An exposure of sensitive information to an unauthorized actor in Fortinet FortiOS at least version at least 7.4.0 up to and including 7.4.1 and 7.2.0 up to and including 7.2.5 and 7.0.0 up to and including 7.0.15 and 6.4.0 up to and including 6.4.15 allows malicious user to infor...
1 Article
9.8
CVSSv3
CVE-2023-42789
A out-of-bounds write in Fortinet FortiOS 7.4.0 up to and including 7.4.1, 7.2.0 up to and including 7.2.5, 7.0.0 up to and including 7.0.12, 6.4.0 up to and including 6.4.14, 6.2.0 up to and including 6.2.15, FortiProxy 7.4.0, 7.2.0 up to and including 7.2.6, 7.0.0 up to and inc...
Fortinet Fortios
Fortinet Fortios 7.4.0
Fortinet Fortiproxy
Fortinet Fortiproxy 7.4.0
Fortinet Fortios 7.4.1
2 Articles
8.1
CVSSv3
CVE-2023-42790
A stack-based buffer overflow in Fortinet FortiOS 7.4.0 up to and including 7.4.1, 7.2.0 up to and including 7.2.5, 7.0.0 up to and including 7.0.12, 6.4.0 up to and including 6.4.14, 6.2.0 up to and including 6.2.15, FortiProxy 7.4.0, 7.2.0 up to and including 7.2.6, 7.0.0 up to...
Fortinet Fortios
Fortinet Fortiproxy
Fortinet Fortiproxy 7.4.0
1 Article
8.8
CVSSv3
CVE-2023-44250
An improper privilege management vulnerability [CWE-269] in a Fortinet FortiOS HA cluster version 7.4.0 up to and including 7.4.1 and 7.2.5 and in a FortiProxy HA cluster version 7.4.0 up to and including 7.4.1 allows an authenticated malicious user to perform elevated actions vi...
Fortinet Fortios 7.4.0
Fortinet Fortios 7.2.5
Fortinet Fortiproxy 7.4.0
Fortinet Fortiproxy 7.4.1
Fortinet Fortios 7.4.1
6.5
CVSSv3
CVE-2023-36641
A numeric truncation error in Fortinet FortiProxy version 7.2.0 up to and including 7.2.4, FortiProxy version 7.0.0 up to and including 7.0.10, FortiProxy 2.0 all versions, FortiProxy 1.2 all versions, FortiProxy 1.1, all versions, FortiProxy 1.0 all versions, FortiOS version 7.4...
Fortinet Fortiproxy
Fortinet Fortios
7.5
CVSSv3
CVE-2023-37935
A use of GET request method with sensitive query strings vulnerability in Fortinet FortiOS 7.0.0 - 7.0.12, 7.2.0 - 7.2.5 and 7.4.0 allows an malicious user to view plaintext passwords of remote services such as RDP or VNC, if the attacker is able to read the GET requests to those...
Fortinet Fortios
Fortinet Fortios 7.4.0
6.5
CVSSv3
CVE-2023-33306
A null pointer dereference in Fortinet FortiOS prior to 7.2.5, prior to 7.0.11 and prior to 6.4.13, FortiProxy prior to 7.2.4 and prior to 7.0.10 allows malicious user to denial of sslvpn service via specifically crafted request in bookmark parameter.
Fortinet Fortios
Fortinet Fortiproxy
6.5
CVSSv3
CVE-2023-33307
A null pointer dereference in Fortinet FortiOS prior to 7.2.5 and prior to 7.0.11, FortiProxy prior to 7.2.3 and prior to 7.0.9 allows malicious user to denial of sslvpn service via specifically crafted request in network parameter.
Fortinet Fortios
Fortinet Fortiproxy
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started