Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortios vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2022-41335
A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 up to and including 7.2.2, 7.0.0 up to and including 7.0.8 and prior to 6.4.10, FortiProxy version 7.2.0 up to and including 7.2.1, 7.0.0 up to and including 7.0.7 and prior to 2.0.10, FortiSwitchM...
Fortinet Fortiswitchmanager 7.0.0
Fortinet Fortiswitchmanager 7.2.0
Fortinet Fortiproxy
Fortinet Fortiproxy 7.2.0
Fortinet Fortiproxy 7.2.1
Fortinet Fortios 7.2.0
Fortinet Fortios
Fortinet Fortios 7.2.1
Fortinet Fortios 7.2.2
8.1
CVSSv3
CVE-2022-30307
A key management error vulnerability [CWE-320] affecting the RSA SSH host key in FortiOS 7.2.0 and below, 7.0.6 and below, 6.4.9 and below may allow an unauthenticated malicious user to perform a man in the middle attack.
Fortinet Fortios
8.1
CVSSv3
CVE-2018-9185
An information disclosure vulnerability in Fortinet FortiOS 6.0.0 and below versions reveals user's web portal login credentials in a Javascript file sent to client-side when pages bookmarked in web portal use the Single Sign-On feature.
Fortinet Fortios
8
CVSSv3
CVE-2021-44171
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiOS version 6.0.0 up to and including 6.0.14, FortiOS version 6.2.0 up to and including 6.2.10, FortiOS version 6.4.0 up to and including 6.4.8, FortiOS version ...
Fortinet Fortios
7.8
CVSSv3
CVE-2022-43953
A use of externally-controlled format string in Fortinet FortiOS version 7.2.0 up to and including 7.2.4, FortiOS all versions 7.0, FortiOS all versions 6.4, FortiOS all versions 6.2, FortiProxy version 7.2.0 up to and including 7.2.1, FortiProxy version 7.0.0 up to and including...
Fortinet Fortiproxy 7.2.0
Fortinet Fortiproxy
Fortinet Fortiproxy 7.2.1
Fortinet Fortios
7.8
CVSSv3
CVE-2023-22639
A out-of-bounds write in Fortinet FortiOS version 7.2.0 up to and including 7.2.3, FortiOS version 7.0.0 up to and including 7.0.10, FortiOS version 6.4.0 up to and including 6.4.12, FortiOS all versions 6.2, FortiOS all versions 6.0, FortiProxy version 7.2.0 up to and including ...
Fortinet Fortiproxy
Fortinet Fortiproxy 7.2.0
Fortinet Fortiproxy 7.2.1
Fortinet Fortios
Fortinet Fortiproxy 7.2.2
7.8
CVSSv3
CVE-2022-22299
A format string vulnerability [CWE-134] in the command line interpreter of FortiADC version 6.0.0 up to and including 6.0.4, FortiADC version 6.1.0 up to and including 6.1.5, FortiADC version 6.2.0 up to and including 6.2.1, FortiProxy version 1.0.0 up to and including 1.0.7, For...
Fortinet Fortiproxy
Fortinet Fortios
Fortinet Fortiadc 6.2.0
Fortinet Fortiadc 6.2.1
Fortinet Fortimail
Fortinet Fortiproxy 7.0.0
Fortinet Fortiproxy 7.0.1
Fortinet Fortiadc
7.8
CVSSv3
CVE-2021-44168
A download of code without integrity check vulnerability in the "execute restore src-vis" command of FortiOS prior to 7.0.3 may allow a local authenticated malicious user to download arbitrary files on the device via specially crafted update packages.
Fortinet Fortios
2 Github repositories
7.8
CVSSv3
CVE-2021-26110
An improper access control vulnerability [CWE-284] in FortiOS autod daemon 7.0.0, 6.4.6 and below, 6.2.9 and below, 6.0.12 and below and FortiProxy 2.0.1 and below, 1.2.9 and below may allow an authenticated low-privileged malicious user to escalate their privileges to super_admi...
Fortinet Fortiproxy 2.0.0
Fortinet Fortiproxy
Fortinet Fortios
Fortinet Fortios 7.0.0
Fortinet Fortiproxy 2.0.1
7.5
CVSSv3
CVE-2023-37935
A use of GET request method with sensitive query strings vulnerability in Fortinet FortiOS 7.0.0 - 7.0.12, 7.2.0 - 7.2.5 and 7.4.0 allows an malicious user to view plaintext passwords of remote services such as RDP or VNC, if the attacker is able to read the GET requests to those...
Fortinet Fortios
Fortinet Fortios 7.4.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »