CVE-2024-26009

CVE-2024-26009 describes an authentication bypass in Fortinet products (FortiOS, FortiProxy, FortiPAM) exploitable via FGFM requests when the device is managed by FortiManager and the attacker knows the FortiManager serial number. Affected: FortiOS 6.4.0–6.4.15 and before 6.2.16; FortiProxy 7.4.0...

CVE-2024-26006

An improper neutralization of input during web page Generation vulnerability CWE-79 in FortiOS version 7.4.3 and below, version 7.2.7 and below, version 7.0.13 and below and FortiProxy version 7.4.3 and below, version 7.2.9 and below, version 7.0.16 and below web SSL VPN UI may allow a remote...

CVE-2023-22639

A out-of-bounds write in Fortinet FortiOS version 7.2.0 through 7.2.3, FortiOS version 7.0.0 through 7.0.10, FortiOS version 6.4.0 through 6.4.12, FortiOS all versions 6.2, FortiOS all versions 6.0, FortiProxy version 7.2.0 through 7.2.2, FortiProxy version 7.0.0 through 7.0.8, FortiProxy all...

PT-2023-3234 · Fortinet · Fortiproxy +2

Name of the Vulnerable Software and Affected Versions: FortiOS versions 6.4.12 and earlier, 7.0.0 through 7.0.9 FortiOS versions 7.2.0 through 7.2.3 FortiProxy versions 7.0.0 through 7.0.7 FortiProxy versions 7.2.0 through 7.2.1 FortiSwitchManager versions 7.0.0 through 7.0.1 and earlier...