CVE-2024-23104

An exposure of sensitive information to an unauthorized actor vulnerability in Fortinet FortiNDR 7.6.0, FortiNDR 7.4.0 through 7.4.8, FortiNDR 7.2 all versions, FortiNDR 7.1 all versions, FortiNDR 7.0 all versions, FortiVoice 7.0.0 through 7.0.1 may allow a remote authenticated attacker with at...

Fortinet FortiNDR SQL注入漏洞

Fortinet FortiNDR is a network detection and response solution provided by the American company Fortinet. Versions 7.6.0 to 7.6.2, 7.4.0 to 7.4.9, all versions of 7.2, all versions of 7.1, and all versions of 7.0 of Fortinet FortiNDR contain an SQL injection vulnerability. This vulnerability stem...

EUVD-2024-20629

An exposure of sensitive information to an unauthorized actor vulnerability in Fortinet FortiNDR 7.6.0, FortiNDR 7.4.0 through 7.4.8, FortiNDR 7.2 all versions, FortiNDR 7.1 all versions, FortiNDR 7.0 all versions, FortiVoice 7.0.0 through 7.0.1 may allow a remote authenticated attacker with at...

EUVD-2023-52823

Malicious code in bioql PyPI...

PT-2025-32871 · Fortinet · Fortindr +4

Name of the Vulnerable Software and Affected Versions: Fortinet FortiMail versions 7.6.0 through 7.6.1 and prior to 7.4.3 Fortinet FortiVoice versions 7.0.0 through 7.0.5 and prior to 7.4.9 Fortinet FortiRecorder versions 7.2.0 through 7.2.1 and prior to 7.0.4 Fortinet FortiCamera versions 7.6.0...

The vulnerability of the FortiMail email security system, a software-hardware solution for information protection based on AI and deep neural networks from Fortinet’s FortiNDR (Network Detection and Response), arises from the possibility of copying buffers without checking the size of the input data. This allows attackers to execute arbitrary code.

The vulnerability of the FortiMail email security system, a software-hardware solution for information protection based on AI and deep neural networks from Fortinet, is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability allows an attacker...

The vulnerability of the Fortinet FortiNDR (Network Detection and Response) software, a hardware-based information protection solution utilizing AI and deep neural networks, relates to the. This vulnerability allows attackers to execute CSRF attacks.

The vulnerability of the Fortinet FortiNDR Network Detection and Response software, which is based on AI and deep neural networks, relates to the manipulation of cross-site requests. Exploiting this vulnerability allows a malicious actor to execute a CSRF attack using specially crafted HTTP GET...

CVE-2023-33302

A buffer copy without checking size of input 'classic buffer overflow' in Fortinet FortiMail webmail and administrative interface version 6.4.0 through 6.4.4 and before 6.2.6 and FortiNDR administrative interface version 7.2.0 and before 7.1.0 allows an authenticated attacker with regular webmail...

CVE-2023-33302

A buffer copy without checking size of input 'classic buffer overflow' in Fortinet FortiMail webmail and administrative interface version 6.4.0 through 6.4.4 and before 6.2.6 and FortiNDR administrative interface version 7.2.0 and before 7.1.0 allows an authenticated attacker with regular webmail...

CVE-2023-33302

A buffer copy without checking size of input 'classic buffer overflow' in Fortinet FortiMail webmail and administrative interface version 6.4.0 through 6.4.4 and before 6.2.6 and FortiNDR administrative interface version 7.2.0 and before 7.1.0 allows an authenticated attacker with regular webmail...

CVE-2023-48790

A cross site request forgery vulnerability CWE-352 in Fortinet FortiNDR version 7.4.0, 7.2.0 through 7.2.1 and 7.1.0 through 7.1.1 and before 7.0.5 may allow a remote unauthenticated attacker to execute unauthorized actions via crafted HTTP GET requests...

Fortinet FortiNDR 安全漏洞

Fortinet FortiNDR is a network detection and response solution from Fortinet, Inc. A security vulnerability exists in Fortinet FortiNDR versions 7.4.2 and earlier, 7.2.1 and earlier, 7.1.1 and earlier, 7.0.6 and earlier, which stems from improper validation of the integrity check value and could...

CVE-2023-48790

A cross site request forgery vulnerability CWE-352 in Fortinet FortiNDR version 7.4.0, 7.2.0 through 7.2.1 and 7.1.0 through 7.1.1 and before 7.0.5 may allow a remote unauthenticated attacker to execute unauthorized actions via crafted HTTP GET requests...

CVE-2023-48790

Fortinet FortiNDR is affected by a cross-site request forgery (CSRF, CWE-352) vulnerability that allows a remote unauthenticated attacker to perform unauthorized actions via crafted HTTP GET requests. Affected versions include 7.4.0, 7.2.0–7.2.1, 7.1.0–7.1.1, and all versions prior to 7.0.5. The ...

CVE-2023-48790

A cross site request forgery vulnerability CWE-352 in Fortinet FortiNDR version 7.4.0, 7.2.0 through 7.2.1 and 7.1.0 through 7.1.1 and before 7.0.5 may allow a remote unauthenticated attacker to execute unauthorized actions via crafted HTTP GET requests...

CVE-2023-48790

A cross site request forgery vulnerability CWE-352 in Fortinet FortiNDR version 7.4.0, 7.2.0 through 7.2.1 and 7.1.0 through 7.1.1 and before 7.0.5 may allow a remote unauthenticated attacker to execute unauthorized actions via crafted HTTP GET requests...

PT-2025-10768 · Fortinet · Fortindr

Name of the Vulnerable Software and Affected Versions: Fortinet FortiNDR versions 7.1.0 through 7.1.1 Fortinet FortiNDR versions 7.2.0 through 7.2.1 Fortinet FortiNDR version 7.4.0 Fortinet FortiNDR versions prior to 7.0.5 Description: A cross-site request forgery vulnerability in Fortinet FortiN...

Fortinet FortiNDR 跨站请求伪造漏洞

Fortinet FortiNDR is a network detection and response solution from Fortinet, Inc. A cross-site request forgery vulnerability exists in Fortinet FortiNDR, which stems from a cross-site request forgery that could lead to the execution of an unauthorized operation. The following versions are...