2767 matches found

Cvelist
added 2025/02/11 4:9 p.m. · 8 views

CVE-2023-40721

A use of externally-controlled format string vulnerability CWE-134 in Fortinet allows a privileged attacker to execute arbitrary code or commands via specially crafted requests...

CVSS 6.7 · EPSS 0.00021
Exploits: 0 · References: 1

Cvelist
added 2025/02/11 4:9 p.m. · 16 views

CVE-2024-40591

An incorrect privilege assignment vulnerability CWE-266 in Fortinet FortiOS version 7.6.0, 7.4.0 through 7.4.4, 7.2.0 through 7.2.9 and before 7.0.15 allows an authenticated admin whose access profile has the Security Fabric permission to escalate their privileges to super-admin by connecting the...

CVSS 8.8 · EPSS 0.00091
Exploits: 0 · References: 1

CVE
added 2025/02/11 4:9 p.m. · 70 views

CVE-2024-35279

CVE-2024-35279 is a stack-based buffer overflow in Fortinet FortiOS CAPWAP control handling that affects FortiOS 7.2.4–7.2.8 and 7.4.0–7.4.4. A remote, unauthenticated attacker can exploit crafted UDP packets to execute arbitrary code via the CAPWAP control path, assuming FortiOS stack protection...

CVSS 8.1 · AI score 8.7 · EPSS 0.01957
Exploits: 0 · References: 1 · Affected Software: 1

Cvelist
added 2025/02/11 4:9 p.m. · 10 views

CVE-2024-35279

A stack-based buffer overflow CWE-121 vulnerability in Fortinet FortiOS version 7.2.4 through 7.2.8 and version 7.4.0 through 7.4.4 allows a remote unauthenticated attacker to execute arbitrary code or commands via crafted UDP packets through the CAPWAP control, provided the attacker were able to...

CVSS 8.1 · EPSS 0.01957
Exploits: 0 · References: 1

Vulnrichment
added 2025/02/11 4:9 p.m. · 23 views

CVE-2024-40591

An incorrect privilege assignment vulnerability CWE-266 in Fortinet FortiOS version 7.6.0, 7.4.0 through 7.4.4, 7.2.0 through 7.2.9 and before 7.0.15 allows an authenticated admin whose access profile has the Security Fabric permission to escalate their privileges to super-admin by connecting the...

CVSS 8.8 · AI score 8.8 · EPSS 0.00091
Exploits: 0 · References: 1

CVE
added 2025/02/11 4:9 p.m. · 115 views

CVE-2024-40591

CVE-2024-40591 is a privilege-escalation flaw in Fortinet FortiOS. Affected are FortiOS 7.6.0; 7.4.0–7.4.4; 7.2.0–7.2.9; and versions before 7.0.15. The issue arises from incorrect privilege assignment, allowing an authenticated admin with the Security Fabric permission to escalate to super-admin...

CVSS 8.8 · AI score 8.8 · EPSS 0.00091
Exploits: 0 · References: 1 · Affected Software: 1

Vulnrichment
added 2025/02/11 4:9 p.m. · 9 views

CVE-2024-35279

A stack-based buffer overflow CWE-121 vulnerability in Fortinet FortiOS version 7.2.4 through 7.2.8 and version 7.4.0 through 7.4.4 allows a remote unauthenticated attacker to execute arbitrary code or commands via crafted UDP packets through the CAPWAP control, provided the attacker were able to...

CVSS 8.1 · AI score 8.7 · EPSS 0.01957
Exploits: 0 · References: 1

CNNVD
added 2025/02/11 12:0 a.m. · 2 views

Fortinet FortiOS security vulnerability

FortiOS is a core network security operating system developed by Fortinet, widely used in FortiGate next-generation firewall, providing users with firewall, VPN, intrusion prevention, application control and other security functions. An elevation of privilege vulnerability exists in Fortinet...

CVSS 8.8 · AI score 6.9 · EPSS 0.00091
Exploits: 0 · References: 2

Positive Technologies
added 2025/02/11 12:0 a.m. · 2 views

PT-2025-6257 · Fortinet · Fortios

Name of the Vulnerable Software and Affected Versions: FortiOS versions 7.2.4 through 7.2.8; FortiOS versions 7.4.0 through 7.4.4. Description: A stack-based buffer overflow vulnerability in the implementation of the Control and Provisioning of Wireless Access Points (CAPWAP) protocol in FortiOS is...

CVSS 8.1 · AI score 8.5 · EPSS 0.01957
Exploits: 0 · References: 13

CNNVD
added 2025/02/11 12:0 a.m. · 2 views

Fortinet FortiOS, FortiProxy and FortiPAM format string error vulnerability

Fortinet FortiOS and others are products of Fortinet, Inc. Fortinet FortiOS is a dedicated security operating system on the FortiGate network security platform. Fortinet FortiProxy is a secure network proxy that protects employees from cyber attacks by combining a variety of detection technologies...

CVSS 6.7 · AI score 6.5 · EPSS 0.00021
Exploits: 0 · References: 1

CNNVD
added 2025/02/11 12:0 a.m. · 1 views

Fortinet FortiOS access control error vulnerability

Fortinet FortiOS is a security operating system dedicated to the FortiGate network security platform from the U.S. company Fortinet. The system provides users with firewall, antivirus, IPSec/SSLVPN, Web content filtering, anti-spam and other security features. An access control...

CVSS 8.1 · AI score 9.7 · EPSS 0.10434
Exploits: 0 · References: 3

VulnCheck KEV
added 2025/02/11 12:0 a.m. · 1 views

VulnCheck KEV: CVE-2025-24472

Fortinet FortiOS and FortiProxy contain an authentication bypass vulnerability that allows a remote attacker to gain super-admin privileges via crafted CSF proxy requests...

CVSS 8.1 · AI score 5.8 · EPSS 0.10434
Exploits: 0 · References: 1

ATTACKERKB
added 2025/02/11 12:0 a.m. · 13 views

CVE-2025-24472

An Authentication Bypass Using an Alternate Path or Channel vulnerability CWE-288 affecting FortiOS 7.0.0 through 7.0.16 and FortiProxy 7.2.0 through 7.2.12, 7.0.0 through 7.0.19 may allow a remote unauthenticated attacker with prior knowledge of upstream and downstream devices serial numbers to...

CVSS 8.1 · AI score 9.8 · EPSS 0.10434
In wild · Exploits: 0 · References: 2

Positive Technologies
added 2025/02/11 12:0 a.m. · 1 views

PT-2025-6261 · Fortinet · Fortios

Name of the Vulnerable Software and Affected Versions: FortiOS versions 7.6.0, 7.4.0 through 7.4.4, 7.2.0 through 7.2.9, and prior to 7.0.15; FortiOS versions 6.4.x. Description: The issue is related to an incorrect privilege assignment in FortiOS, allowing an authenticated admin with the Security...

CVSS 9 · AI score 8.5 · EPSS 0.00091
Exploits: 0 · References: 14

CNNVD
added 2025/02/11 12:0 a.m. · 1 views

Fortinet FortiOS security vulnerability

Fortinet FortiOS is a security operating system dedicated to the FortiGate network security platform from the American company Fortinet. The system provides users with firewall, antivirus, IPSec/SSLVPN, Web content filtering, anti-spam and other security features. Fortinet FortiOS suffers from a...

CVSS 8.1 · AI score 8 · EPSS 0.01957
Exploits: 0 · References: 3

Positive Technologies
added 2025/02/11 12:0 a.m. · 2 views

PT-2025-6253 · Fortinet · Fortiproxy +3

Name of the Vulnerable Software and Affected Versions: Fortinet FortiOS versions 7.4.0 through 7.4.1 and prior to 7.2.6; FortiProxy versions 7.4.0 and prior to 7.2.7; FortiPAM versions 1.1.2 and prior to 1.0.3; FortiSwitchManager versions 7.2.0 through 7.2.2 and prior to 7.0.2. Description: A use of...

CVSS 6.7 · AI score 7.9 · EPSS 0.00021
Exploits: 0 · References: 7

Tenable Nessus
added 2025/02/11 12:0 a.m. · 12 views

Fortinet Fortigate Stack buffer overflow in fabric service (FG-IR-24-160)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-160 advisory. - A stack-based buffer overflow CWE-121 vulnerability in Fortinet FortiOS version 7.2.4 through 7.2.8 and version 7.4.0 throu...

CVSS 8.1 · AI score 6.6 · EPSS 0.01957
Exploits: 0 · References: 2

RedhatCVE
added 2025/02/06 3:47 a.m. · 5 views

CVE-2021-26110

An improper access control vulnerability CWE-284 in FortiOS autod daemon 7.0.0, 6.4.6 and below, 6.2.9 and below, 6.0.12 and below and FortiProxy 2.0.1 and below, 1.2.9 and below may allow an authenticated low-privileged attacker to escalate their privileges to superadmin via a specific crafted...

CVSS 7.8 · AI score 6.7 · EPSS 0.00148
Exploits: 0 · References: 1

RedhatCVE
added 2025/02/06 3:47 a.m. · 6 views

CVE-2021-26109

An integer overflow or wraparound vulnerability in the memory allocator of SSLVPN in FortiOS before 7.0.1 may allow an unauthenticated attacker to corrupt control data on the heap via specifically crafted requests to SSLVPN, resulting in potentially arbitrary code execution...

CVSS 9.8 · AI score 7.6 · EPSS 0.01255
Exploits: 0 · References: 1

RedhatCVE
added 2025/02/06 3:40 a.m. · 5 views

CVE-2021-26108

A use of hard-coded cryptographic key vulnerability in the SSLVPN of FortiOS before 7.0.1 may allow an attacker to retrieve the key by reverse engineering...

CVSS 7.5 · AI score 6.6 · EPSS 0.00311
Exploits: 0 · References: 1