855 matches found
CVE-2021-43205
An exposure of sensitive information to an unauthorized actor vulnerability CWE-200 in FortiClient for Linux version 7.0.2 and below, 6.4.7 and below and 6.2.9 and below may allow an unauthenticated attacker to access the confighandler webserver via external binaries...
CVE-2021-43205
An exposure of sensitive information to an unauthorized actor vulnerability CWE-200 in FortiClient for Linux version 7.0.2 and below, 6.4.7 and below and 6.2.9 and below may allow an unauthenticated attacker to access the confighandler webserver via external binaries...
CVE-2021-44169
A improper initialization in Fortinet FortiClient Windows version 6.0.10 and below, version 6.2.9 and below, version 6.4.7 and below, version 7.0.3 and below allows attacker to gain administrative privileges via placing a malicious executable inside the FortiClient installer's directory...
CVE-2021-44169
A improper initialization in Fortinet FortiClient Windows version 6.0.10 and below, version 6.2.9 and below, version 6.4.7 and below, version 7.0.3 and below allows attacker to gain administrative privileges via placing a malicious executable inside the FortiClient installer's directory...
Input validation
A improper initialization in Fortinet FortiClient Windows version 6.0.10 and below, version 6.2.9 and below, version 6.4.7 and below, version 7.0.3 and below allows attacker to gain administrative privileges via placing a malicious executable inside the FortiClient installer's directory...
Xxe
An exposure of sensitive information to an unauthorized actor vulnerability CWE-200 in FortiClient for Linux version 7.0.2 and below, 6.4.7 and below and 6.2.9 and below may allow an unauthenticated attacker to access the confighandler webserver via external binaries...
CVE-2021-44169
A improper initialization in Fortinet FortiClient Windows version 6.0.10 and below, version 6.2.9 and below, version 6.4.7 and below, version 7.0.3 and below allows attacker to gain administrative privileges via placing a malicious executable inside the FortiClient installer's directory...
CVE-2021-44169
A improper initialization in Fortinet FortiClient Windows version 6.0.10 and below, version 6.2.9 and below, version 6.4.7 and below, version 7.0.3 and below allows attacker to gain administrative privileges via placing a malicious executable inside the FortiClient installer's directory...
CVE-2021-44169
Fortinet FortiClient for Windows is affected by CVE-2021-44169 due to improper initialization in versions 6.0.10 and below, 6.2.9 and below, 6.4.7 and below, and 7.0.3 and below. This local Privilege Escalation flaw allows an attacker to gain administrative privileges by placing a malicious execu...
CVE-2021-43205
FortiClient for Linux (affected versions: 7.0.2 and below, 6.4.7 and below, 6.2.9 and below) contains an information disclosure vulnerability where an unauthenticated attacker could access the confighandler webserver via external binaries. This is documented as CVE-2021-43205 with CVSSv3 base sco...
CVE-2021-43205
An exposure of sensitive information to an unauthorized actor vulnerability CWE-200 in FortiClient for Linux version 7.0.2 and below, 6.4.7 and below and 6.2.9 and below may allow an unauthenticated attacker to access the confighandler webserver via external binaries...
CVE-2021-43205
An exposure of sensitive information to an unauthorized actor vulnerability CWE-200 in FortiClient for Linux version 7.0.2 and below, 6.4.7 and below and 6.2.9 and below may allow an unauthenticated attacker to access the confighandler webserver via external binaries...
Fortinet FortiClient 安全漏洞
Fortinet FortiClient is a mobile endpoint security solution from Fortinet, Inc. The solution provides IPsec and SSL encryption, WAN optimization, endpoint compliance, and two-factor authentication when connected to a FortiGate firewall appliance. executable file in the FortiClient installer...
Fortinet FortiClient 信息泄露漏洞
Fortinet FortiClient is a fabric agent from Fortinet USA, Inc. It is used to provide protection, compliance, and secure access in a single modular lightweight client.An information disclosure vulnerability exists in Fortinet FortiClient for Linux. An unauthenticated attacker could exploit the...
FortiClient (Windows) - privilege escalation in online installer due to incorrect working directory
An improper initialization CWE-665 vulnerability in FortiClient Windows may allow a local attacker to gain administrative privileges via placing a malicious executable inside the FortiClient installer's directory...
FortiClient (Linux) - Improper directories permissions
An incorrect permission assignment for critical resource vulnerability CWE-732 in FortiClient for Linux may allow an unauthenticated attacker to access sensitive information in log files and directories via symbolic links...
Fortinet FortiClient 安全漏洞
Fortinet FortiClient is a mobile endpoint security solution from Fortinet. The solution provides IPsec and SSL encryption, WAN optimization, endpoint compliance and two-factor authentication when connected to a FortiGate firewall appliance. A security vulnerability exists in Fortinet FortiClient...
FortiClient (Linux) - external access to confighandler webserver
An exposure of sensitive information to an unauthorized actor vulnerability CWE-200 in FortiClient for Linux may allow an unauthenticated attacker to access the confighandler webserver via external binaries...
PT-2022-5801 · Fortinet · Forticlient
Name of the Vulnerable Software and Affected Versions: FortiClientWindows versions 7.0.0 through 7.0.3 FortiClientWindows versions 6.4.0 through 6.4.7 FortiClientWindows versions 6.2.0 through 6.2.9 FortiClientWindows versions 6.0.0 through 6.0.10 Description: The issue is related to insecure...
Fortinet FortiClient Network Access Control Uncontrolled Search Path Element Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Fortinet FortiClient Network Access Control. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists...