Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortios vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2017-14190
A Cross-site Scripting vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.7, 5.2 and previous versions, allows malicious user to inject arbitrary web script or HTML via maliciously crafted "Host" header in user HTTP requests.
Fortinet Fortios
6.1
CVSSv3
CVE-2017-7739
A reflected Cross-site Scripting (XSS) vulnerability in web proxy disclaimer response web pages in Fortinet FortiOS 5.6.0, 5.4.0 to 5.4.5, 5.2.0 to 5.2.11 allows an unauthenticated malicious user to inject arbitrary web script or HTML in the context of the victim's browser v...
Fortinet Fortios 5.2.10
Fortinet Fortios 5.2.11
Fortinet Fortios 5.4.0
Fortinet Fortios 5.4.1
Fortinet Fortios 5.2.6
Fortinet Fortios 5.2.8
Fortinet Fortios 5.4.3
Fortinet Fortios 5.4.5
Fortinet Fortios 5.2.1
Fortinet Fortios 5.2.2
Fortinet Fortios 5.2.3
Fortinet Fortios 5.2.4
Fortinet Fortios 5.6.0
Fortinet Fortios 5.2.0
Fortinet Fortios 5.2.5
Fortinet Fortios 5.2.7
Fortinet Fortios 5.2.9
Fortinet Fortios 5.4.2
Fortinet Fortios 5.4.4
6.1
CVSSv3
CVE-2017-7733
A Cross-Site-Scripting (XSS) vulnerability in Fortinet FortiOS 5.4.0 to 5.4.5 and 5.6.0 allows a remote unauthenticated malicious user to execute arbitrary javascript code via webUI "Login Disclaimer" redir parameter.
Fortinet Fortios 5.4.0
Fortinet Fortios 5.4.1
Fortinet Fortios 5.4.2
Fortinet Fortios 5.4.3
Fortinet Fortios 5.4.5
Fortinet Fortios 5.4.4
Fortinet Fortios 5.6.0
6.1
CVSSv3
CVE-2017-3132
A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.6.0 and previous versions allows malicious users to Execute unauthorized code or commands via the action input during the activation of a FortiToken.
Fortinet Fortios
1 EDB exploit
6.1
CVSSv3
CVE-2017-3133
A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.6.0 and previous versions allows malicious users to execute unauthorized code or commands via the Replacement Message HTML for SSL-VPN.
Fortinet Fortios
1 EDB exploit
6.1
CVSSv3
CVE-2017-3127
A Cross-Site Scripting vulnerability in Fortinet FortiGate 5.2.0 up to and including 5.2.10 allows malicious user to execute unauthorized code or commands via the srcintf parameter during Firewall Policy Creation.
Fortinet Fortios 5.2.3
Fortinet Fortios 5.2.4
Fortinet Fortios 5.2.1
Fortinet Fortios 5.2.2
Fortinet Fortios 5.2.9
Fortinet Fortios 5.2.10
Fortinet Fortios 5.2.0
Fortinet Fortios 5.2.7
Fortinet Fortios 5.2.8
Fortinet Fortios 5.2.5
Fortinet Fortios 5.2.6
6.1
CVSSv3
CVE-2016-3978
The Web User Interface (WebUI) in FortiOS 5.0.x prior to 5.0.13, 5.2.x prior to 5.2.3, and 5.4.x prior to 5.4.0 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks or cross-site scripting (XSS) attacks via the "redirect" p...
Fortinet Fortios 5.0.1
Fortinet Fortios 5.0.0
Fortinet Fortios 5.2.2
Fortinet Fortios 5.2.1
Fortinet Fortios 5.0.10
Fortinet Fortios 5.0.9
Fortinet Fortios 5.0.8
Fortinet Fortios 5.0.7
Fortinet Fortios 5.0.11
Fortinet Fortios 5.0.6
Fortinet Fortios 5.0.4
Fortinet Fortios 5.0.2
Fortinet Fortios 5.2.0
Fortinet Fortios 5.0.12
Fortinet Fortios 5.0.5
Fortinet Fortios 5.0.3
Fortinet Fortios 5.4
6
CVSSv3
CVE-2022-38378
An improper privilege management vulnerability [CWE-269] in Fortinet FortiOS version 7.2.0 and prior to 7.0.7 and FortiProxy version 7.2.0 up to and including 7.2.1 and prior to 7.0.7 allows an attacker that has access to the admin profile section (System subsection Administrator...
Fortinet Fortiproxy
Fortinet Fortios
6
CVSSv3
CVE-2021-36169
A Hidden Functionality in Fortinet FortiOS 7.x prior to 7.0.1, FortiOS 6.4.x prior to 6.4.7 allows malicious user to Execute unauthorized code or commands via specific hex read/write operations.
Fortinet Fortios 7.0.0
Fortinet Fortios
5.9
CVSSv3
CVE-2018-9195
Use of a hardcoded cryptographic key in the FortiGuard services communication protocol may allow a Man in the middle with knowledge of the key to eavesdrop on and modify information (URL/SPAM services in FortiOS 5.6, and URL/SPAM/AV services in FortiOS 6.0.; URL rating in FortiCl...
Fortinet Forticlient
Fortinet Fortios
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »