Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortios vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2021-26103
An insufficient verification of data authenticity vulnerability (CWE-345) in the user interface of FortiProxy verison 2.0.3 and below, 1.2.11 and below and FortiGate verison 7.0.0, 6.4.6 and below, 6.2.9 and below of SSL VPN portal may allow a remote, unauthenticated malicious us...
Fortinet Fortiproxy
Fortinet Fortios
Fortinet Fortios 7.0.0
5.3
CVSSv3
CVE-2023-47536
An improper access control vulnerability [CWE-284] in FortiOS version 7.2.0, version 7.0.13 and below, version 6.4.14 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below may allow a remote unauthenticated malicious user to bypass th...
Fortinet Fortios 7.2.0
Fortinet Fortiproxy
Fortinet Fortios
4.8
CVSSv3
CVE-2023-29175
An improper certificate validation vulnerability [CWE-295] in FortiOS 6.2 all versions, 6.4 all versions, 7.0.0 up to and including 7.0.10, 7.2.0 and FortiProxy 1.2 all versions, 2.0 all versions, 7.0.0 up to and including 7.0.9, 7.2.0 up to and including 7.2.3 may allow a remote...
Fortinet Fortiproxy
Fortinet Fortios 7.2.0
Fortinet Fortios
3.3
CVSSv3
CVE-2022-22302
A clear text storage of sensitive information (CWE-312) vulnerability in both FortiGate version 6.4.0 up to and including 6.4.1, 6.2.0 up to and including 6.2.9 and 6.0.0 up to and including 6.0.13 and FortiAuthenticator version 5.5.0 and all versions of 6.1 and 6.0 may allow a l...
Fortinet Fortios 6.4.0
Fortinet Fortios
Fortinet Fortiauthenticator 6.1.0
Fortinet Fortios 6.4.1
Fortinet Fortiauthenticator 5.5.0
Fortinet Fortiauthenticator
8.1
CVSSv3
CVE-2022-41335
A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 up to and including 7.2.2, 7.0.0 up to and including 7.0.8 and prior to 6.4.10, FortiProxy version 7.2.0 up to and including 7.2.1, 7.0.0 up to and including 7.0.7 and prior to 2.0.10, FortiSwitchM...
Fortinet Fortiswitchmanager 7.0.0
Fortinet Fortiswitchmanager 7.2.0
Fortinet Fortiproxy
Fortinet Fortiproxy 7.2.0
Fortinet Fortiproxy 7.2.1
Fortinet Fortios 7.2.0
Fortinet Fortios
Fortinet Fortios 7.2.1
Fortinet Fortios 7.2.2
9.8
CVSSv3
CVE-2022-42475
A heap-based buffer overflow vulnerability [CWE-122] in FortiOS SSL-VPN 7.2.0 up to and including 7.2.2, 7.0.0 up to and including 7.0.8, 6.4.0 up to and including 6.4.10, 6.2.0 up to and including 6.2.11, 6.0.15 and previous versions and FortiProxy SSL-VPN 7.2.0 up to and includ...
Fortinet Fortios
Fortinet Fortiproxy
Fortinet Fortiproxy 7.2.0
9 Github repositories
5 Articles
7.5
CVSSv3
CVE-2021-41024
A relative path traversal [CWE-23] vulnerabiltiy in FortiOS versions 7.0.0 and 7.0.1 and FortiProxy verison 7.0.0 may allow an unauthenticated, unauthorized malicious user to inject path traversal character sequences to disclose sensitive information of the server via the GET req...
Fortinet Fortiproxy 7.0.0
Fortinet Fortios 7.0.0
Fortinet Fortios 7.0.1
7.5
CVSSv3
CVE-2022-29055
A access of uninitialized pointer in Fortinet FortiOS version 7.2.0, 7.0.0 up to and including 7.0.5, 6.4.0 up to and including 6.4.8, 6.2.0 up to and including 6.2.10, 6.0.x, FortiProxy version 7.0.0 up to and including 7.0.4, 2.0.0 up to and including 2.0.9, 1.2.x allows a remo...
Fortinet Fortios
Fortinet Fortios 7.2.0
Fortinet Fortiproxy 7.2.0
Fortinet Fortiproxy
8.8
CVSSv3
CVE-2023-36639
A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 up to and including 7.2.4, 7.0.0 up to and including 7.0.10, FortiOS versions 7.4.0, 7.2.0 up to and including 7.2.4, 7.0.0 up to and including 7.0.11, 6.4.0 up to and including 6.4.12, 6.2.0 up to...
Fortinet Fortios
Fortinet Fortiproxy
Fortinet Fortios 7.4.0
Fortinet Fortipam 1.1.0
Fortinet Fortipam
3.3
CVSSv3
CVE-2022-29054
A missing cryptographic steps vulnerability [CWE-325] in the functions that encrypt the DHCP and DNS keys in Fortinet FortiOS version 7.2.0, 7.0.0 up to and including 7.0.5, 6.4.0 up to and including 6.4.9, 6.2.x and 6.0.x may allow an attacker in possession of the encrypted key ...
Fortinet Fortiproxy
Fortinet Fortios 7.2.0
Fortinet Fortiproxy 7.2.0
Fortinet Fortios
Fortinet Fortiproxy 7.2.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »