Multiple Fortinet products Security vulnerabilities
Fortinet FortiAuthenticator and others are products of Fortinet, Inc. Fortinet FortiAuthenticator is a centralized user identity management solution. Fortinet FortiSwitchManager is a network switch management tool designed to help organizations manage...
PT-2024-4150 · Fortinet · Fortiswitchmanager +5
Name of the Vulnerable Software and Affected Versions: FortiPAM versions 1.0.0 through 1.1.2; FortiPAM version 1.2.0; FortiWeb (affected versions not specified); FortiAuthenticator (affected versions not specified); FortiSwitchManager versions 7.0.1 through 7.2.3; FortiOS versions 6.0.0 through 7.4.3...
Fortinet Fortigate xss (FG-IR-23-471)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-23-471 advisory. - An improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability CWE-79 in FortiOS versi...
Fortinet Fortigate Weak key derivation for backup file (FG-IR-23-423)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-23-423 advisory. - A use of password hash with insufficient computational effort vulnerability CWE-916 affecting FortiOS version 7.4.3 and...
Fortinet Fortigate Path traversal in execute command (FG-IR-22-369)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-22-369 advisory. - An improper limitation of a pathname to a restricted directory ('path traversal') vulnerability CWE-22 in Fortinet FortiOS...
Fortinet Fortigate - Path traversal vulnerability allows VDOM escaping (FG-IR-22-401)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-22-401 advisory. - A relative path traversal vulnerability CWE-23 in Fortinet FortiOS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.8 and...
Fortinet Fortigate Unauthenticated access to static files containing logging information (FG-IR-22-364)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-22-364 advisory. - An exposure of sensitive information to an unauthorized actor vulnerability CWE-200 in Fortinet FortiProxy version 7.2.0...
A vulnerability in the SSL-VPN portal of FortiOS operating systems and of the FortiProxy proxy server, used to protect against internet attacks, allows attackers to send packets from arbitrary IP addresses.
The vulnerability in the SSL-VPN portal of FortiOS operating systems and of the FortiProxy proxy server, used to protect against internet attacks, is related to insufficient verification of data authenticity. Exploiting this vulnerability allows a malicious actor to send packets from arbitrary IP...
The vulnerabilities of the FortiOS command-line interpreter, the FortiSwitchManager local management platform, and the FortiProxy proxy server for protecting against internet attacks allow attackers to execute arbitrary code.
The vulnerability of the FortiOS command-line interpreter, the local management platform FortiSwitchManager, and the FortiProxy proxy server for protecting against internet attacks is related to the use of an uncontrolled format string. Exploiting this vulnerability allows an attacker to execute...
The vulnerability in the web interface of the operating system administrator FortiOS allows a perpetrator to execute arbitrary commands.
The vulnerability in the Windows operating system’s administrator web interface, FortiOS.sv, relates to operations that go beyond buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands by sending specially crafted HTTP or HTTPS requests...
The vulnerabilities of the FortiOS command-line interpreter, the FortiSwitchManager local management platform, and the FortiProxy proxy server for protecting against internet attacks allow attackers to execute arbitrary code.
The vulnerability of the FortiOS command-line interpreter, the local management platform FortiSwitchManager, and the FortiProxy proxy server for protecting against Internet attacks is related to the use of uncontrolled format strings in processing binary files. Exploiting this vulnerability allows...
The vulnerability of FortiOS operating systems, related to the lack of protection for service data, allows attackers to disclose the protected information.
The vulnerability of FortiOS operating systems is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor to disclose sensitive information by sending specially crafted HTTP requests...
The vulnerability of the FortiOS operating systems, related to a memory reclamation error, allows a perpetrator to execute arbitrary commands.
The vulnerability of the FortiOS operating systems is related to a memory reclamation error. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability in the FortiOS operating system’s web administration interface allows a hacker to trigger a service failure.
The vulnerability in the FortiOS operating system’s web administration interface is related to deficiencies in handling exceptional states. Exploiting this vulnerability allows a malicious actor to cause service failures by sending specially crafted HTTP requests...
The vulnerability of the command-line interface of FortiOS operating systems allows a hacker to execute arbitrary code by sending specially crafted requests.
The vulnerability of the command-line interface of FortiOS operating systems is related to the use of uncontrolled format strings when processing binary files. Exploiting this vulnerability allows an attacker to execute arbitrary code by sending specially crafted requests...
Vulnerabilities fixed in Fortinet FortiOS
Fortinet has fixed vulnerabilities in FortiOS. A malicious party could exploit the vulnerabilities to cause a denial-of-service, manipulate VPN traffic, or potentially execute code on the management interface. For successful execution of arbitrary code, the malicious party must have access to the...
Fortinet FortiOS Denial of Service Vulnerability
Fortinet FortiOS is a security operating system dedicated to the FortiGate network security platform from the American company Fortinet. The system provides users with firewall, antivirus, IPSec/SSL VPN, web content filtering, anti-spam and other security features. A denial of service vulnerability...
Fortinet FortiOS Resource Management Error Vulnerability
Fortinet FortiOS is a security operating system dedicated to the FortiGate network security platform from the American company Fortinet. The system provides users with firewall, antivirus, IPSec/SSL VPN, web content filtering, anti-spam and other security features. A resource management error...
Fortinet FortiOS Buffer Overflow Vulnerability (CNVD-2024-24406)
Fortinet FortiOS is a security operating system dedicated to the FortiGate network security platform from the American company Fortinet. The system provides users with firewall, antivirus, IPSec/SSL VPN, web content filtering, anti-spam and other security features. A buffer overflow vulnerability...
CVE-2024-26007
An improper check or handling of exceptional conditions vulnerability CWE-703 in Fortinet FortiOS version 7.4.1 allows an unauthenticated attacker to provoke a denial of service on the administrative interface via crafted HTTP requests...