EUVD-2022-40967

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Improper handling of malformed request vulnerability in FortiADC allows attack bypass of WAF protections

Reporter	Title	Published	Views	Family All 10
ATTACKERKB	CVE-2022-38381	2 Nov 202212:15	–	attackerkb
CNNVD	Fortinet FortiADC 安全漏洞	2 Nov 202200:00	–	cnnvd
CVE	CVE-2022-38381	2 Nov 202200:00	–	cve
Cvelist	CVE-2022-38381	2 Nov 202200:00	–	cvelist
Fortinet	FortiADC - WAF XSS Injection Bypass	1 Nov 202200:00	–	fortinet
NVD	CVE-2022-38381	2 Nov 202212:15	–	nvd
Prion	Sql injection	2 Nov 202212:15	–	prion
Positive Technologies	PT-2022-24398 · Fortinet · Fortiadc	2 Nov 202200:00	–	ptsecurity
RedhatCVE	CVE-2022-38381	9 Jan 202609:15	–	redhatcve
Vulnrichment	CVE-2022-38381	2 Nov 202200:00	–	vulnrichment

[
  {
    "enisaIdVendor": [
      {
        "id": "c97d95dd-6ec7-32d8-8cb0-48475151a9e6",
        "vendor": {
          "name": "Fortinet"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "a5ac7fd2-ed9b-36b1-b135-e7b05155aefe",
        "product": {
          "name": "Fortinet FortiADC"
        },
        "product_version": "FortiADC 7.0.2, 7.0.1, 7.0.0, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.1.6, 6.1.5, 6.1.4, 6.1.3, 6.1.2, 6.1.1, 6.1.0, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0, 5.4.5, 5.4.4, 5.4.3, 5.4.2, 5.4.1, 5.4.0, 5.3.7, 5.3.6, 5.3.5, 5.3.4, 5.3.3, 5.3.2, 5.3.1, 5.3.0, 5.2.8, 5.2.7, 5.2.6, 5.2.5, 5.2.4, 5.2.3, 5.2.2, 5.2.1, 5.2.0, 5.1.7, 5.1.6, 5.1.5, 5.1.4, 5.1.3, 5.1.2, 5.1.1, 5.1.0, 5.0.4, 5.0.3, 5.0.2, 5.0.1, 5.0.0"
      }
    ]
  }
]

Source	Link
fortiguard	www.fortiguard.com/psirt/FG-IR-22-234

03 Oct 2025 20:07Current

9.4High risk

Vulners AI Score9.4

CVSS 3.15.3 - 9.8

EPSS0.00271

SSVC