Lucene search
K

6 matches found

Cvelist
Cvelist
added 2026/03/10 4:44 p.m.26 views

CVE-2025-66178

A improper neutralization of special elements used in an os command 'os command injection' vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.5, FortiWeb 7.4.0 through 7.4.11, FortiWeb 7.2.0 through 7.2.12, FortiWeb 7.0.0 through 7.0.12 may allow an authenticated...

7.2CVSS0.01667EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2025/11/18 10:25 a.m.201 views

Exploit for Relative Path Traversal in Fortinet Fortiweb

CVE-2025-64446 - FortiWeb Authentication Bypass Exploit De...

9.8CVSS7.5AI score0.89177EPSS
Exploits17
Tenable Nessus
Tenable Nessus
added 2024/05/22 12:0 a.m.27 views

Fortinet FortiWeb OS command injection in Web GUI (FG-IR-22-163)

The version of FortiWeb installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-22-163 advisory. - An improper neutralization of special elements used in an os command 'OS Command Injection' CWE-78 in FortiWeb 7.0.0 through...

8.8CVSS8.5AI score0.02514EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/04/11 12:0 a.m.8 views

PT-2023-14407 · Fortinet · Fortiadc +1

Name of the Vulnerable Software and Affected Versions: FortiWeb versions 7.0.0 through 7.0.3 FortiADC versions 7.1.0 through 7.1.1 FortiADC versions 7.0.0 through 7.0.3 FortiADC 6.2 all versions FortiADC 6.1 all versions FortiADC 6.0 all versions FortiADC 5.4 all versions FortiADC 5.3 all version...

7.8CVSS7.7AI score0.00626EPSS
Exploits0References5
OSV
OSV
added 2023/02/16 7:15 p.m.1 views

CVE-2022-40683

A double free in Fortinet FortiWeb version 7.0.0 through 7.0.3 may allows attacker to execute unauthorized code or commands via specially crafted commands...

7.8CVSS5.9AI score0.00201EPSS
Exploits0References1
Prion
Prion
added 2023/02/16 7:15 p.m.23 views

Path traversal

A path traversal vulnerability CWE-23 in the API of FortiWeb 7.0.0 through 7.0.1, 6.3.0 through 6.3.19, 6.4 all versions, 6.2 all versions, 6.1 all versions, 6.0 all versions may allow an authenticated attacker to retrieve specific parts of files from the underlying file system via specially...

4CVSS4.6AI score0.00474EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder