CVE-2024-47573

An improper validation of integrity check value vulnerability CWE-354 in FortiNDR version 7.4.2 and below, version 7.2.1 and below, version 7.1.1 and below, version 7.0.6 and below may allow an authenticated attacker with at least Read/Write permission on system maintenance to install a corrupted...

CVE-2024-47573

An improper validation of integrity check value vulnerability CWE-354 in FortiNDR version 7.4.2 and below, version 7.2.1 and below, version 7.1.1 and below, version 7.0.6 and below may allow an authenticated attacker with at least Read/Write permission on system maintenance to install a corrupted...

CVE-2024-47573

An improper validation of integrity check value vulnerability CWE-354 in FortiNDR version 7.4.2 and below, version 7.2.1 and below, version 7.1.1 and below, version 7.0.6 and below may allow an authenticated attacker with at least Read/Write permission on system maintenance to install a corrupted...

CVE-2024-47573

An improper validation of integrity check value vulnerability CWE-354 in FortiNDR version 7.4.2 and below, version 7.2.1 and below, version 7.1.1 and below, version 7.0.6 and below may allow an authenticated attacker with at least Read/Write permission on system maintenance to install a corrupted...

CVE-2024-47573

This CVE concerns FortiNDR where an improper validation of an integrity check value (CWE-354) in FortiNDR versions <= 7.4.2, <= 7.2.1, <= 7.1.1, and

Fortinet FortiNDR 安全漏洞

Fortinet FortiNDR is a network detection and response solution from Fortinet, Inc. A security vulnerability exists in Fortinet FortiNDR versions 7.4.2 and earlier, 7.2.1 and earlier, 7.1.1 and earlier, 7.0.6 and earlier, which stems from improper validation of the integrity check value and could...

CVE-2023-48790

A cross site request forgery vulnerability CWE-352 in Fortinet FortiNDR version 7.4.0, 7.2.0 through 7.2.1 and 7.1.0 through 7.1.1 and before 7.0.5 may allow a remote unauthenticated attacker to execute unauthorized actions via crafted HTTP GET requests...

CVE-2023-48790

A cross site request forgery vulnerability CWE-352 in Fortinet FortiNDR version 7.4.0, 7.2.0 through 7.2.1 and 7.1.0 through 7.1.1 and before 7.0.5 may allow a remote unauthenticated attacker to execute unauthorized actions via crafted HTTP GET requests...

CVE-2023-48790

Fortinet FortiNDR is affected by a cross-site request forgery (CSRF, CWE-352) vulnerability that allows a remote unauthenticated attacker to perform unauthorized actions via crafted HTTP GET requests. Affected versions include 7.4.0, 7.2.0–7.2.1, 7.1.0–7.1.1, and all versions prior to 7.0.5. The ...

CVE-2023-48790

A cross site request forgery vulnerability CWE-352 in Fortinet FortiNDR version 7.4.0, 7.2.0 through 7.2.1 and 7.1.0 through 7.1.1 and before 7.0.5 may allow a remote unauthenticated attacker to execute unauthorized actions via crafted HTTP GET requests...

CVE-2023-48790

A cross site request forgery vulnerability CWE-352 in Fortinet FortiNDR version 7.4.0, 7.2.0 through 7.2.1 and 7.1.0 through 7.1.1 and before 7.0.5 may allow a remote unauthenticated attacker to execute unauthorized actions via crafted HTTP GET requests...

PT-2025-10768 · Fortinet · Fortindr

Name of the Vulnerable Software and Affected Versions: Fortinet FortiNDR versions 7.1.0 through 7.1.1 Fortinet FortiNDR versions 7.2.0 through 7.2.1 Fortinet FortiNDR version 7.4.0 Fortinet FortiNDR versions prior to 7.0.5 Description: A cross-site request forgery vulnerability in Fortinet FortiN...

Fortinet FortiNDR 跨站请求伪造漏洞

Fortinet FortiNDR is a network detection and response solution from Fortinet, Inc. A cross-site request forgery vulnerability exists in Fortinet FortiNDR, which stems from a cross-site request forgery that could lead to the execution of an unauthorized operation. The following versions are...

CVE-2022-27488

A cross-site request forgery CSRF in Fortinet FortiVoiceEnterprise version 6.4.x, 6.0.x, FortiSwitch version 7.0.0 through 7.0.4, 6.4.0 through 6.4.10, 6.2.0 through 6.2.7, 6.0.x, FortiMail version 7.0.0 through 7.0.3, 6.4.0 through 6.4.6, 6.2.x, 6.0.x FortiRecorder version 6.4.0 through 6.4.2,...

Cross site request forgery (csrf)

A cross-site request forgery CSRF in Fortinet FortiVoiceEnterprise version 6.4.x, 6.0.x, FortiSwitch version 7.0.0 through 7.0.4, 6.4.0 through 6.4.10, 6.2.0 through 6.2.7, 6.0.x, FortiMail version 7.0.0 through 7.0.3, 6.4.0 through 6.4.6, 6.2.x, 6.0.x FortiRecorder version 6.4.0 through 6.4.2,...

CVE-2022-27488

CVE-2022-27488 describes a cross-site request forgery (CSRF) vulnerability in multiple Fortinet products (FortiVoiceEnterprise, FortiSwitch, FortiMail, FortiRecorder, FortiNDR) where an unauthenticated attacker can cause an authenticated admin to trigger commands on the CLI via a crafted HTTP GET...

Fortinet FortiVoice Security Vulnerability

Fortinet FortiSwitch and others are products of Fortinet, Inc. FortiSwitch is a switch product and Fortinet FortiVoice is a product of tine and others are products of tine, Inc. tine is a team collaboration software. A security vulnerability exists in Fortinet FortiVoiceEnterprise, FortiSwitch,...

PT-2023-8025 · Fortinet · Fortiswitch +4

Name of the Vulnerable Software and Affected Versions: FortiVoiceEnterprise versions 6.0.x through 6.4.x FortiSwitch versions 6.0.x through 7.0.4 FortiMail versions 6.0.x through 7.0.3 FortiRecorder versions 2.6.x through 6.4.2 FortiNDR version 1.x.x Description: A cross-site request forgery CSRF...

FortiMail / FortiNDR / FortiWeb - Path traversal vulnerabilities

Multiple Path traversal vulnerabilities in FortiMail, FortiNDR & FortiWeb may allow a regular user to obtain unauthorized access to files and data via specifically crafted web requests...

FortiNDR - OS command injection due to improper input sanitization

An improper input validation in FortiNDR v1.4.0 may allow an authenticated user to gain system shell access via a malicious payload in the "diagnose" command...