Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortios 7.4.1 vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2023-44250
An improper privilege management vulnerability [CWE-269] in a Fortinet FortiOS HA cluster version 7.4.0 up to and including 7.4.1 and 7.2.5 and in a FortiProxy HA cluster version 7.4.0 up to and including 7.4.1 allows an authenticated malicious user to perform elevated actions vi...
Fortinet Fortios 7.4.0
Fortinet Fortios 7.2.5
Fortinet Fortiproxy 7.4.0
Fortinet Fortiproxy 7.4.1
Fortinet Fortios 7.4.1
5
CVSSv3
CVE-2023-45586
An insufficient verification of data authenticity vulnerability [CWE-345] in Fortinet FortiOS SSL-VPN tunnel mode version 7.4.0 up to and including 7.4.1, version 7.2.0 up to and including 7.2.7 and prior to 7.0.12 & FortiProxy SSL-VPN tunnel mode version 7.4.0 up to and incl...
Fortinet Fortiproxy
Fortinet Fortiproxy 7.4.0
Fortinet Fortiproxy 7.4.1
Fortinet Fortios 7.4.0
Fortinet Fortios 7.4.1
Fortinet Fortios
4.8
CVSSv3
CVE-2023-47537
An improper certificate validation vulnerability in Fortinet FortiOS 7.0.0 - 7.0.13, 7.2.0 - 7.2.6, 7.4.0 - 7.4.1 and 6.4 all versions allows a remote and unauthenticated malicious user to perform a Man-in-the-Middle attack on the FortiLink communication channel between the Forti...
Fortinet Fortios 7.4.0
Fortinet Fortios 7.4.1
Fortinet Fortios
7.2
CVSSv3
CVE-2023-46714
A stack-based buffer overflow [CWE-121] vulnerability in Fortinet FortiOS version 7.2.1 up to and including 7.2.6 and version 7.4.0 up to and including 7.4.1 allows a privileged attacker over the administrative interface to execute arbitrary code or commands via crafted HTTP or H...
Fortinet Fortios 7.4.0
Fortinet Fortios 7.4.1
Fortinet Fortios
9.8
CVSSv3
CVE-2023-42789
A out-of-bounds write in Fortinet FortiOS 7.4.0 up to and including 7.4.1, 7.2.0 up to and including 7.2.5, 7.0.0 up to and including 7.0.12, 6.4.0 up to and including 6.4.14, 6.2.0 up to and including 6.2.15, FortiProxy 7.4.0, 7.2.0 up to and including 7.2.6, 7.0.0 up to and inc...
Fortinet Fortios
Fortinet Fortios 7.4.0
Fortinet Fortiproxy
Fortinet Fortiproxy 7.4.0
Fortinet Fortios 7.4.1
2 Articles
4.3
CVSSv3
CVE-2024-23112
An authorization bypass through user-controlled key vulnerability [CWE-639] in FortiOS version 7.4.0 up to and including 7.4.1, 7.2.0 up to and including 7.2.6, 7.0.1 up to and including 7.0.13, 6.4.7 up to and including 6.4.14, and FortiProxy version 7.4.0 up to and including 7....
Fortinet Fortios
Fortinet Fortiproxy
1 Article
8.1
CVSSv3
CVE-2023-42790
A stack-based buffer overflow in Fortinet FortiOS 7.4.0 up to and including 7.4.1, 7.2.0 up to and including 7.2.5, 7.0.0 up to and including 7.0.12, 6.4.0 up to and including 6.4.14, 6.2.0 up to and including 6.2.15, FortiProxy 7.4.0, 7.2.0 up to and including 7.2.6, 7.0.0 up to...
Fortinet Fortios
Fortinet Fortiproxy
Fortinet Fortiproxy 7.4.0
1 Article
8.8
CVSSv3
CVE-2023-46717
An improper authentication vulnerability [CWE-287] in FortiOS versions 7.4.1 and below, versions 7.2.6 and below, and versions 7.0.12 and below when configured with FortiAuthenticator in HA may allow a readonly user to gain read-write access via successive login attempts.
Fortinet Fortios
1 Article
NA
CVE-2024-26007
An improper check or handling of exceptional conditions vulnerability [CWE-703] in Fortinet FortiOS version 7.4.1 allows an unauthenticated malicious user to provoke a denial of service on the administrative interface via crafted HTTP requests.
NA
CVE-2024-23662
An exposure of sensitive information to an unauthorized actor in Fortinet FortiOS at least version at least 7.4.0 up to and including 7.4.1 and 7.2.0 up to and including 7.2.5 and 7.0.0 up to and including 7.0.15 and 6.4.0 up to and including 6.4.15 allows malicious user to infor...
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »