136 matches found
CVE-2024-26010
A stack-based buffer overflow in Fortinet FortiPAM version 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiWeb, FortiAuthenticator, FortiSwitchManager version 7.2.0 through 7.2.3, 7.0.1 through 7.0.3, FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0.0 through 7.0.14, 6.4.0...
CVE-2024-26010
A stack-based buffer overflow in Fortinet FortiPAM version 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiWeb, FortiAuthenticator, FortiSwitchManager version 7.2.0 through 7.2.3, 7.0.1 through 7.0.3, FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0.0 through 7.0.14, 6.4.0...
CVE-2024-26010
CVE-2024-26010 is a stack-based buffer overflow affecting multiple Fortinet products (FortiPAM, FortiWeb, FortiAuthenticator, FortiSwitchManager, FortiOS, FortiProxy, etc.) across many versions. The underlying flaw allows an attacker to execute unauthorized code or commands via specially crafted ...
PT-2024-4150 · Fortinet · Fortiswitchmanager +5
Name of the Vulnerable Software and Affected Versions: FortiPAM versions 1.0.0 through 1.1.2 FortiPAM version 1.2.0 FortiWeb affected versions not specified FortiAuthenticator affected versions not specified FortiSwitchManager versions 7.0.1 through 7.2.3 FortiOS versions 6.0.0 through 7.4.3...
Multiple Fortinet products Security vulnerabilities
Fortinet FortiAuthenticator and others are products of Fortinet, Inc.Fortinet FortiAuthenticator is a centralized user identity management solution.Fortinet FortiSwitchManager is a network switch Fortinet FortiSwitchManager is a network switch management tool designed to help organizations manage...
The vulnerabilities of the FortiOS command-line interpreter, the FortiSwitchManager local management platform, and the FortiProxy proxy server for protecting against internet attacks allow attackers to execute arbitrary code.
The vulnerability of the FortiOS command-line interpreter, the local management platform FortiSwitchManager, and the FortiProxy proxy server for protecting against Internet attacks is related to the use of uncontrolled format strings in processing binary files. Exploiting this vulnerability allow...
The vulnerabilities of the FortiOS command-line interpreter, the FortiSwitchManager local management platform, and the FortiProxy proxy server for protecting against internet attacks allow attackers to execute arbitrary code.
The vulnerability of the FortiOS command-line interpreter, the local management platform FortiSwitchManager, and the FortiProxy proxy server for protecting against internet attacks is related to the use of an uncontrolled format string. Exploiting this vulnerability allows an attacker to execute...
CVE-2023-45583
A use of externally-controlled format string vulnerability in Fortinet FortiOS 7.4.0, FortiOS 7.2.0 through 7.2.5, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0.0 through 6.0.16, FortiPAM 1.1.0, FortiPAM 1.0 all versions, FortiProxy 7.2.0 through 7.2.5,...
CVE-2023-45583
A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.5, 7.0.0 through 7.0.11, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6 FortiPAM versions 1.1.0, 1.0.0 through 1.0.3 FortiOS versions 7.4.0, 7.2.0 through 7.2.5, 7.0.0 through 7.0.13,...
CVE-2023-45583
A use of externally-controlled format string vulnerability in Fortinet FortiOS 7.4.0, FortiOS 7.2.0 through 7.2.5, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0.0 through 6.0.16, FortiPAM 1.1.0, FortiPAM 1.0 all versions, FortiProxy 7.2.0 through 7.2.5,...
CVE-2023-45583
The CVE-2023-45583 vulnerability is a use of externally-controlled format string affecting Fortinet FortiProxy, FortiPAM, FortiOS, and FortiSwitchManager across multiple versions (e.g., FortiProxy 7.2.0–7.2.5, 7.0.x, 2.0.x, 1.x; FortiOS 7.x and 6.x; FortiPAM 1.x; FortiSwitchManager 7.x). The unde...
CVE-2023-45583
A use of externally-controlled format string vulnerability in Fortinet FortiOS 7.4.0, FortiOS 7.2.0 through 7.2.5, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0.0 through 6.0.16, FortiPAM 1.1.0, FortiPAM 1.0 all versions, FortiProxy 7.2.0 through 7.2.5,...
PT-2024-3560
Name of the Vulnerable Software and Affected Versions FortiProxy versions 1.1.0 through 1.2.13 FortiProxy versions 2.0.0 through 2.0.13 FortiProxy versions 7.0.0 through 7.2.5 FortiPAM versions 1.0.0 through 1.1.0 FortiOS versions 6.2.0 through 7.4.0 FortiSwitchManager versions 7.0.0 through 7.2....
CVE-2024-23113
A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, FortiPAM versions 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3,...
CVE-2024-23113
A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, FortiPAM versions 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3,...
CVE-2024-23113
CVE-2024-23113 is a format-string vulnerability in Fortinet FortiOS, FortiProxy, FortiPAM, and FortiSwitchManager. An attacker can trigger remote code execution by sending specially crafted packets that influence format-string processing in affected components. Affected versions include FortiOS 7...
PT-2024-1569
Name of the Vulnerable Software and Affected Versions Fortinet FortiOS versions 7.0.0 through 7.0.13 Fortinet FortiOS versions 7.2.0 through 7.2.6 Fortinet FortiOS versions 7.4.0 through 7.4.2 FortiProxy versions 7.0.0 through 7.0.14 FortiProxy versions 7.2.0 through 7.2.8 FortiProxy versions 7.4...
Exploit for Improper Authentication in Fortinet Fortiproxy
CVE-2022-40684 CVE-2022-40684 - Auth bypass - Run exploit...
Fortinet FortiSwitchManager Improper Access Control Vulnerability
Fortinet FortiSwitchManager is a network switch management tool from Fortinet designed to help organizations manage their FortiSwitch family of network switches. An improper access control vulnerability exists in Fortinet FortiSwitchManager. The vulnerability is caused by a flawed authentication...
The vulnerability of the local management platform FortiSwitchManager, related to errors in access control, allows a attacker to modify settings by sending commands through the application programming interface.
The vulnerability of the FortiSwitchManager local management platform is related to errors in access control. Exploiting this vulnerability allows a malicious actor to make changes to settings by sending commands through the application programming interface...