CVE-2023-45586

An insufficient verification of data authenticity vulnerability CWE-345 in Fortinet FortiOS SSL-VPN tunnel mode version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.7 and before 7.0.12 & FortiProxy SSL-VPN tunnel mode version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.7 and before 7.0.13...

CVE-2024-26007

An improper check or handling of exceptional conditions vulnerability CWE-703 in Fortinet FortiOS version 7.4.1 allows an unauthenticated attacker to provoke a denial of service on the administrative interface via crafted HTTP requests...

CVE-2024-26007

Fortinet FortiOS 7.4.1 is affected by CVE-2024-26007 due to an improper check/handling of exceptional conditions (CWE-703), enabling an unauthenticated attacker to cause a denial of service on the administrative interface via crafted HTTP requests. Mitigations/updates are available; Fortinet advi...

Fortinet FortiOS 安全漏洞

Fortinet FortiOS is a set of security operating system dedicated to FortiGate network security platform from American Fita Fortinet. The system provides users with firewall, antivirus, IPSec/SSLVPN, Web content filtering and anti-spam and other security features. A buffer overflow vulnerability...

PT-2024-3554 · Fortinet · Fortiproxy +2

Name of the Vulnerable Software and Affected Versions: FortiProxy versions 1.0.0 through 1.2.13 FortiProxy versions 2.0.0 through 2.0.13 FortiProxy versions 7.0.0 through 7.2.4 FortiPAM versions 1.0.0 through 1.0.3 FortiOS versions 6.0.0 through 6.4.14 FortiOS versions 7.0.0 through 7.2.0...

PT-2024-3553

Name of the Vulnerable Software and Affected Versions FortiOS versions prior to 7.0.0 Description The issue is related to a double free vulnerability, which may allow a privileged attacker to execute unauthorized code or commands. This can be achieved via crafted HTTP or HTTPS requests...

多款Fortinet产品 格式化字符串错误漏洞

Fortinet FortiOS and others are products of Fortinet, Inc.Fortinet FortiOS is a dedicated security operating system on the FortiGate network security platform.Fortinet FortiProxy is a Fortinet FortiPAM is a platform for privilege access control . Fortinet FortiProxy, FortiPAM, and FortiOS have a...

PT-2024-3555 · Fortinet · Fortiproxy +1

Name of the Vulnerable Software and Affected Versions: FortiOS versions 7.0.0 through 7.0.11 FortiOS versions 7.2.0 through 7.2.7 FortiOS versions 7.4.0 through 7.4.1 FortiProxy versions 7.0.0 through 7.0.12 FortiProxy versions 7.2.0 through 7.2.7 FortiProxy versions 7.4.0 through 7.4.1...

Fortinet FortiOS 安全漏洞

Fortinet FortiOS is a set of security operating system dedicated to FortiGate network security platform from American Fita Fortinet. The system provides users with firewall, antivirus, IPSec/SSLVPN, Web content filtering and anti-spam and other security features. A denial of service vulnerability...

Fortinet FortiOS 资源管理错误漏洞

Fortinet FortiOS is a set of security operating system dedicated to FortiGate network security platform from American Fita Fortinet. The system provides users with firewall, antivirus, IPSec/SSLVPN, Web content filtering and anti-spam and other security features. A resource management error...

Fortinet FortiOS 数据伪造问题漏洞

Fortinet FortiOS is a set of security operating systems dedicated to the FortiGate network security platform from the U.S. company Fiat Fortinet. The system provides users with firewall, antivirus, IPSec/SSLVPN, Web content filtering and anti-spam and other security features. A data forgery issue...

PT-2024-3560 · Fortinet · Fortiproxy +3

Name of the Vulnerable Software and Affected Versions: FortiProxy versions 1.1.0 through 1.2.13 FortiProxy versions 2.0.0 through 2.0.13 FortiProxy versions 7.0.0 through 7.2.5 FortiPAM versions 1.0.0 through 1.1.0 FortiOS versions 6.2.0 through 7.4.0 FortiSwitchManager versions 7.0.0 through 7.2...

Vulnerability of FortiOS operating systems and FortiProxy proxy servers in protecting against internet attacks, due to insufficient protection of registration data, allowing attackers to perform arbitrary actions.

The vulnerability of the FortiOS operating systems and the proxy server used for protecting against Internet attacks related to FortiProxy lies in the insufficient protection of registration data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely, provided...

Fortinet FortiOS Information Disclosure Vulnerability (CNVD-2024-20292)

Fortinet FortiOS is a set of security operating system dedicated to FortiGate network security platform from American Fita Fortinet. The system provides users with firewall, antivirus, IPSec/SSLVPN, Web content filtering and anti-spam and other security features. An information disclosure...

Fortinet Rolls Out Critical Security Patches for FortiClientLinux Vulnerability

Fortinet has released patches to address a critical security flaw impacting FortiClientLinux that could be exploited to achieve arbitrary code execution. Tracked as CVE-2023-45590, the vulnerability carries a CVSS score of 9.4 out of a maximum of 10. "An Improper Control of Generation of Code 'Co...

Vulnerabilities fixed in Fortinet

Fortinet has fixed a number of vulnerabilities in FortiOS, FortiProxy, FortiNAC, FortiSandbox and FortiClient. A malicious person could exploit the vulnerability marked CVE-2023-45590 to executing code on a FortiClientLinux system by getting a user to visit a rogue website. Other vulnerabilities...

CVE-2024-23662

An exposure of sensitive information to an unauthorized actor in Fortinet FortiOS at least version at least 7.4.0 through 7.4.1 and 7.2.0 through 7.2.5 and 7.0.0 through 7.0.15 and 6.4.0 through 6.4.15 allows attacker to information disclosure via HTTP requests...

CVE-2024-23662

An exposure of sensitive information to an unauthorized actor in Fortinet FortiOS at least version at least 7.4.0 through 7.4.1 and 7.2.0 through 7.2.5 and 7.0.0 through 7.0.15 and 6.4.0 through 6.4.15 allows attacker to information disclosure via HTTP requests...

CVE-2023-48784

A use of externally-controlled format string vulnerability CWE-134 in FortiOS version 7.4.1 and below, version 7.2.7 and below, 7.0 all versions, 6.4 all versions command line interface may allow a local privileged attacker with super-admin profile and CLI access to execute arbitrary code or...

CVE-2023-48784

A use of externally-controlled format string vulnerability CWE-134 in FortiOS version 7.4.1 and below, version 7.2.7 and below, 7.0 all versions, 6.4 all versions command line interface may allow a local privileged attacker with super-admin profile and CLI access to execute arbitrary code or...