2767 matches found
CVE-2025-24477
A heap-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.2, FortiOS 7.4.0 through 7.4.7, FortiOS 7.2.4 through 7.2.12 allows an attacker to escalate its privileges via a specially crafted CLI command...
Fortinet FortiOS Buffer Overflow Vulnerability
Fortinet FortiOS is Fortinet's network security operating system used to provide firewall, VPN, intrusion prevention, and other security features. Fortinet FortiOS suffers from a buffer overflow vulnerability that stems from insufficient boundary checking of specially crafted CLI commands. An...
CVE-2025-24477
A heap-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.2, FortiOS 7.4.0 through 7.4.7, FortiOS 7.2.4 through 7.2.12 allows an attacker to escalate its privileges via a specially crafted CLI command...
CVE-2025-24477
A heap-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.2, FortiOS 7.4.0 through 7.4.7, FortiOS 7.2.4 through 7.2.12 allows an attacker to escalate its privileges via a specially crafted CLI command...
CVE-2025-24477
Fortinet FortiOS is affected by a heap-based buffer overflow allowing privilege escalation via specially crafted CLI commands. Affected versions include FortiOS 7.6.0–7.6.2, 7.4.0–7.4.7, and 7.2.4–7.2.12 (per CVE-2025-24477). The underlying issue is described as a boundary checking/heap overflow ...
CVE-2025-24477
A heap-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.2, FortiOS 7.4.0 through 7.4.7, FortiOS 7.2.4 through 7.2.12 allows an attacker to escalate its privileges via a specially crafted CLI command...
CVE-2025-24477
A heap-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.2, FortiOS 7.4.0 through 7.4.7, FortiOS 7.2.4 through 7.2.12 allows an attacker to escalate its privileges via a specially crafted CLI command...
CVE-2025-24477
A heap-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.2, FortiOS 7.4.0 through 7.4.7, FortiOS 7.2.4 through 7.2.12 allows an attacker to escalate its privileges via a specially crafted CLI command...
Fortinet FortiOS 安全漏洞
Fortinet FortiOS is Fortinet's network security operating system used to provide firewall, VPN, intrusion prevention, and other security features. Fortinet FortiOS suffers from a buffer overflow vulnerability that stems from insufficient boundary checking of specially crafted CLI commands. An...
CVE-2024-55599
An Improperly Implemented Security Check for Standard vulnerability CWE-358 in FortiOS version 7.6.0, version 7.4.7 and below, 7.0 all versions, 6.4 all versions and FortiProxy version 7.6.1 and below, version 7.4.8 and below, 7.2 all versions, 7.0 all versions may allow a remote unauthenticated...
CVE-2024-52965
A missing critical step in authentication vulnerability CWE-304 in Fortinet FortiOS version 7.6.0 through 7.6.1, 7.4.0 through 7.4.5, 7.2.0 through 7.2.10, and before 7.0.16 & FortiProxy version 7.6.0 through 7.6.1, 7.4.0 through 7.4.8, 7.2.0 through 7.2.13 and before 7.0.20 allows an API-user...
CVE-2024-55599
An Improperly Implemented Security Check for Standard vulnerability CWE-358 in FortiOS version 7.6.0, version 7.4.7 and below, 7.0 all versions, 6.4 all versions and FortiProxy version 7.6.1 and below, version 7.4.8 and below, 7.2 all versions, 7.0 all versions may allow a remote unauthenticated...
CVE-2024-55599
An Improperly Implemented Security Check for Standard vulnerability CWE-358 in FortiOS version 7.6.0, version 7.4.7 and below, 7.0 all versions, 6.4 all versions and FortiProxy version 7.6.1 and below, version 7.4.8 and below, 7.2 all versions, 7.0 all versions may allow a remote unauthenticated...
CVE-2024-52965
A missing critical step in authentication vulnerability CWE-304 in Fortinet FortiOS version 7.6.0 through 7.6.1, 7.4.0 through 7.4.5, 7.2.0 through 7.2.10, and before 7.0.16 & FortiProxy version 7.6.0 through 7.6.1, 7.4.0 through 7.4.8, 7.2.0 through 7.2.13 and before 7.0.20 allows an API-user...
CVE-2024-52965
A missing critical step in authentication vulnerability CWE-304 in Fortinet FortiOS version 7.6.0 through 7.6.1, 7.4.0 through 7.4.5, 7.2.0 through 7.2.10, and before 7.0.16 & FortiProxy version 7.6.0 through 7.6.1, 7.4.0 through 7.4.8, 7.2.0 through 7.2.13 and before 7.0.20 allows an API-user...
CVE-2024-52965
A missing critical step in authentication vulnerability CWE-304 in Fortinet FortiOS version 7.6.0 through 7.6.1, 7.4.0 through 7.4.5, 7.2.0 through 7.2.10, and before 7.0.16 & FortiProxy version 7.6.0 through 7.6.1, 7.4.0 through 7.4.8, 7.2.0 through 7.2.13 and before 7.0.20 allows an API-user...
CVE-2024-52965
A missing critical step in authentication vulnerability CWE-304 in Fortinet FortiOS version 7.6.0 through 7.6.1, 7.4.0 through 7.4.5, 7.2.0 through 7.2.10, and before 7.0.16 & FortiProxy version 7.6.0 through 7.6.1, 7.4.0 through 7.4.8, 7.2.0 through 7.2.13 and before 7.0.20 allows an API-user...
CVE-2024-52965
CVE-2024-52965 describes a missing authentication step in Fortinet FortiOS and FortiProxy that lets an API-user login with an invalid certificate when using api-key + PKI cert authentication. Affected products and versions include FortiOS 7.0.0–7.0.15, 7.2.0–7.2.10, 7.4.0–7.4.5, 7.6.0–7.6.1 and F...
CVE-2024-55599
CVE-2024-55599 describes an improperly implemented security check (CWE-358) in Fortinet FortiOS and FortiProxy that could allow a remote unauthenticated user to bypass DNS filtering via Apple devices. Concrete details across connected sources specify affected products and versions: FortiOS 7.6.0;...
CVE-2024-55599
An Improperly Implemented Security Check for Standard vulnerability CWE-358 in FortiOS version 7.6.0, version 7.4.7 and below, 7.0 all versions, 6.4 all versions and FortiProxy version 7.6.1 and below, version 7.4.8 and below, 7.2 all versions, 7.0 all versions may allow a remote unauthenticated...