
2971 matches found

NVD
added 2024/04/09 3:15 p.m. · 14 views

CVE-2023-41677

An insufficiently protected credentials vulnerability in Fortinet FortiProxy 7.4.0, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, Fortinet FortiOS 7.4.0 through 7.4.1, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 6.4.0 through...

CVSS 8.8 · AI score 7.7 · EPSS 0.00244
Exploits 0 · References 1

OSV
added 2024/04/09 3:15 p.m. · 1 view

CVE-2023-41677

An insufficiently protected credentials vulnerability in Fortinet FortiProxy 7.4.0, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, Fortinet FortiOS 7.4.0 through 7.4.1, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 6.4.0 through...

CVSS 8.8 · AI score 5.9
Exploits 0 · References 1

Vulnrichment
added 2024/04/09 2:24 p.m. · 19 views

CVE-2023-48784

A use of externally-controlled format string vulnerability CWE-134 in FortiOS version 7.4.1 and below, version 7.2.7 and below, 7.0 all versions, 6.4 all versions command line interface may allow a local privileged attacker with super-admin profile and CLI access to execute arbitrary code or...

CVSS 6.7 · AI score 8 · EPSS 0.00083
Exploits 0 · References 1

CVE
added 2024/04/09 2:24 p.m. · 79 views

CVE-2023-48784

CVE-2023-48784: Fortinet FortiOS contains a use of externally-controlled format string vulnerability (CWE-134) in the CLI that may allow a local privileged attacker with super-admin/CLI access to execute arbitrary code via specially crafted requests. Affected: FortiOS 7.4.1 and below, 7.2.7 and b...

CVSS 6.7 · AI score 7.9 · EPSS 0.00083
Exploits 0 · References 1 · Affected Software 1

Cvelist
added 2024/04/09 2:24 p.m. · 13 views

CVE-2023-48784

A use of externally-controlled format string vulnerability CWE-134 in FortiOS version 7.4.1 and below, version 7.2.7 and below, 7.0 all versions, 6.4 all versions command line interface may allow a local privileged attacker with super-admin profile and CLI access to execute arbitrary code or...

CVSS 6.7 · AI score 7.2 · EPSS 0.00083
Exploits 0 · References 1

CVE
added 2024/04/09 2:24 p.m. · 111 views

CVE-2023-41677

CVE-2023-41677 affects Fortinet FortiProxy and FortiOS versions listed in the description, where a vulnerability due to insufficient protection of credentials could let an attacker execute unauthorized code or commands through a targeted social engineering attack. The issue is documented across m...

CVSS 8.8 · AI score 9.3 · EPSS 0.00244
Exploits 0 · References 1 · Affected Software 1

Cvelist
added 2024/04/09 2:24 p.m. · 11 views

CVE-2023-41677

An insufficiently protected credentials vulnerability in Fortinet FortiProxy 7.4.0, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, Fortinet FortiOS 7.4.0 through 7.4.1, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 6.4.0 through...

CVSS 7.5 · AI score 7.9 · EPSS 0.00244
Exploits 0 · References 1

Vulnrichment
added 2024/04/09 2:24 p.m. · 13 views

CVE-2023-41677

An insufficiently protected credentials vulnerability in Fortinet FortiProxy 7.4.0, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, Fortinet FortiOS 7.4.0 through 7.4.1, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 6.4.0 through...

CVSS 7.5 · AI score 7.5 · EPSS 0.00244
Exploits 0 · References 1

Vulnrichment
added 2024/04/09 2:24 p.m. · 10 views

CVE-2024-23662

An exposure of sensitive information to an unauthorized actor in Fortinet FortiOS at least version 7.4.0 through 7.4.1 and 7.2.0 through 7.2.5 and 7.0.0 through 7.0.15 and 6.4.0 through 6.4.15 allows an attacker to cause information disclosure via HTTP requests...

CVSS 5.3 · AI score 6.4 · EPSS 0.00367
Exploits 0 · References 1

Cvelist
added 2024/04/09 2:24 p.m. · 18 views

CVE-2024-23662

An exposure of sensitive information to an unauthorized actor in Fortinet FortiOS at least version 7.4.0 through 7.4.1 and 7.2.0 through 7.2.5 and 7.0.0 through 7.0.15 and 6.4.0 through 6.4.15 allows an attacker to cause information disclosure via HTTP requests...

CVSS 5.3 · AI score 5.3 · EPSS 0.00367
Exploits 0 · References 1

CNNVD
added 2024/04/09 12:00 a.m. · 1 view

Fortinet FortiOS Format String Error Vulnerability

Fortinet FortiOS is a security operating system dedicated to the FortiGate network security platform from the American company Fortinet. The system provides users with firewall, antivirus, IPSec/SSLVPN, Web content filtering, and antispam security features. The Fortinet FortiOS is...

CVSS 6.7 · AI score 7.5 · EPSS 0.00083
Exploits 0 · References 2

Positive Technologies
added 2024/04/09 12:00 a.m. · 3 views

PT-2024-3551 · Fortinet · Fortios

Name of the Vulnerable Software and Affected Versions: Fortinet FortiOS versions 6.4.0 through 6.4.15; Fortinet FortiOS versions 7.0.0 through 7.0.15; Fortinet FortiOS versions 7.2.0 through 7.2.5; Fortinet FortiOS versions 7.4.0 through 7.4.1. Description: The issue is related to the exposure of...

CVSS 7.5 · AI score 6.3 · EPSS 0.00367
Exploits 0 · References 8

CNNVD
added 2024/04/09 12:00 a.m. · 2 views

Fortinet FortiProxy Security Vulnerability

Fortinet FortiProxy is a secure network proxy from Fortinet that protects employees from cyberattacks by combining a variety of detection technologies such as Web filtering, DNS filtering, DLP, anti-virus, intrusion prevention, and advanced threat protection. FortiProxy helps reduce bandwidth...

CVSS 8.8 · AI score 7.3 · EPSS 0.00244
Exploits 0 · References 2

Positive Technologies
added 2024/04/09 12:00 a.m. · 3 views

PT-2024-3562 · Fortinet · Fortios

Name of the Vulnerable Software and Affected Versions: FortiOS versions 7.4.1 and below; FortiOS versions 7.2.7 and below; FortiOS versions 7.0.14 and below; FortiOS versions 6.4.15 and below. Description: A use of externally-controlled format string vulnerability in FortiOS command line interface ma...

CVSS 6.7 · AI score 7.8 · EPSS 0.00083
Exploits 0 · References 9

CNNVD
added 2024/04/09 12:00 a.m. · 3 views

Fortinet FortiOS Information Disclosure Vulnerability

Fortinet FortiOS is a security operating system dedicated to the FortiGate network security platform from the American company Fortinet. The system provides users with firewall, antivirus, IPSec/SSLVPN, Web content filtering, anti-spam and other security features. An information disclosure...

CVSS 7.5 · AI score 6.1 · EPSS 0.00367
Exploits 0 · References 3

BDU FSTEC
added 2024/04/01 12:00 a.m. · 1 view

The vulnerability of the FortiOS operating system, related to bypassing authentication by using a user-controlled key, allows a perpetrator to gain unauthorized access to confidential information.

The vulnerability of the FortiOS operating system relates to bypassing authentication by using a key controlled by the user. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to confidential information...

CVSS 8 · AI score 5.5
Exploits 0 · References 2 · Affected Software 1

CNVD
added 2024/03/15 12:00 a.m. · 12 views

Fortinet FortiOS Buffer Overflow Vulnerability (CNVD-2024-13748)

Fortinet FortiOS is a security operating system dedicated to the FortiGate network security platform from the American company Fortinet. The system provides users with firewall, antivirus, IPSec/SSLVPN, Web content filtering, anti-spam and other security features. A buffer overflow vulnerability...

CVSS 9.8 · AI score 7.8 · EPSS 0.28282
Exploits 0 · References 1

BDU FSTEC
added 2024/03/15 12:00 a.m. · 1 view

The vulnerability of the FortiAuthenticator HA component in FortiOS operating systems allows attackers to increase their privileges.

The vulnerability of the FortiAuthenticator HA component in FortiOS operating systems is related to deficiencies in the authentication process. Exploiting this vulnerability can allow a malicious actor to gain increased privileges remotely...

CVSS 7.5 · AI score 7.1 · EPSS 0.00229
Exploits 0 · References 4 · Affected Software 1

BDU FSTEC
added 2024/03/15 12:00 a.m. · 3 views

A vulnerability in the Captive Portal authentication system of the FortiOS operating system and of FortiProxy, a proxy server designed to protect against Internet attacks, allows a perpetrator to execute arbitrary code or commands.

The vulnerability in Captive Portal for the FortiOS operating system and for FortiProxy, a proxy server designed to protect against Internet attacks, is related to a stack buffer overflow. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or commands through...

CVSS 8.1 · AI score 8.5 · EPSS 0.00131
Exploits 0 · References 5 · Affected Software 2

Hive Pro Threat Advisories
added 2024/03/14 6:27 p.m. · 42 views

Fortinet Releases Patches for Critical Vulnerabilities in Various Products

Summary: A critical SQL Injection vulnerability CVE-2023-48788 in FortiClientEMS software enables attackers to execute unauthorized code or commands via specially crafted HTTP requests. Additionally, two other critical bugs in FortiOS and FortiProxy have been addressed. Update promptly to patched...

CVSS 7.5 · AI score 8.7 · EPSS 0.94078
Exploits 4