CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

UNSUPPORTED WHEN ASSIGNED A improper limitation of a pathname to a restricted directory 'path traversal' vulnerability CWE-22 in Fortinet FortiWAN version 5.2.0 through 5.2.1 and version 5.1.1. through 5.1.2 may allow an authenticated attacker to read and delete arbitrary file of the system via...

8.8CVSS6.8AI score0.00627EPSS

Exploits0

NVD•added 2023/12/13 9:15 a.m.•11 views

CVE-2023-44252

UNSUPPORTED WHEN ASSIGNED An improper authentication vulnerability CWE-287 in Fortinet FortiWAN version 5.2.0 through 5.2.1 and version 5.1.1 through 5.1.2 may allow an authenticated attacker to escalate his privileges via HTTP or HTTPs requests with crafted JWT token values...

8.8CVSS0.00239EPSS

Exploits0References1

Prion•added 2023/12/13 9:15 a.m.•19 views

Path traversal

6.5CVSS7AI score0.00627EPSS

Exploits0References1Affected Software1

Cvelist•added 2023/12/13 8:52 a.m.•13 views

CVE-2023-44252

8.8CVSS9AI score0.00239EPSS

Exploits0References1

CVE•added 2023/12/13 8:52 a.m.•37 views

CVE-2023-44252

Fortinet FortiWAN is affected by an improper authentication vulnerability (CWE-287) in versions 5.1.1–5.1.2 and 5.2.0–5.2.1. The issue arises from using a static key when handling JWT tokens, enabling an authenticated attacker to escalate privileges by sending crafted HTTP/HTTPS requests. Impact ...

8.8CVSS8.7AI score0.00239EPSS

Exploits0References1Affected Software1

CNVD•added 2023/11/17 12:0 a.m.•4 views

Fortinet FortiWAN Path Traversal Vulnerability

Fortinet FortiWAN is a network appliance from Fortinet, Inc. It is used to perform load balancing and fault tolerance between different networks. A path traversal vulnerability exists in Fortinet FortiWAN, which stems from improperly restricting pathnames to restricted directories, and can be...

8.8CVSS6.7AI score0.00627EPSS

Exploits0References1

CNVD•added 2023/02/20 12:0 a.m.•8 views

Fortinet FortiWAN OS Command Injection Vulnerability (CNVD-2024-37348)

Fortinet FortiWAN is a network appliance from Fortinet that performs load balancing and fault tolerance between different networks. A security vulnerability exists in Fortinet FortiWAN, which can be exploited by a remote attacker to submit a special request that can be used to execute arbitrary...

8.8CVSS7.7AI score0.01286EPSS

Exploits0References1

CNVD•added 2022/04/08 12:0 a.m.•14 views

Fortinet FortiWAN Buffer Overflow Vulnerability

Fortinet FortiWAN is a network appliance from Fortinet, Inc. It is used to perform load balancing and fault tolerance between different networks. buffer overflow vulnerability exists in versions prior to Fortinet FortiWAN 4.5.9. An attacker could exploit this vulnerability to corrupt control data...

9.8CVSS5AI score0.01316EPSS

Exploits0References1

CNVD•added 2022/04/08 12:0 a.m.•20 views

Fortinet FortiWAN SQL Injection Vulnerability

Fortinet FortiWan is a network appliance from Fortinet, Inc. It is used to perform load balancing and fault tolerance across different networks. SQL injection vulnerability exists in versions prior to Fortinet FortiWAN 4.5.9, which stems from a program that does not properly filter special elemen...

9.8CVSS1.7AI score0.01166EPSS

Exploits0References1

CNNVD•added 2022/04/06 12:0 a.m.•1 views

Fortinet FortiWAN 缓冲区错误漏洞

9.8CVSS6.5AI score0.01316EPSS

Exploits0References3

CNNVD•added 2022/04/06 12:0 a.m.•2 views

Fortinet FortiWan 加密问题漏洞

Fortinet FortiWan is a network appliance from Fortinet, Inc. Fortinet FortiWAN versions prior to 4.5.9 are vulnerable to an encryption issue that stems from the program using a corrupted or risky encryption algorithm. An attacker could exploit this vulnerability to decrypt and forge protocol...

6.5CVSS5.6AI score0.00166EPSS

Exploits0References3

CNNVD•added 2022/04/06 12:0 a.m.•2 views

Fortinet FortiWan 操作系统命令注入漏洞

Fortinet FortiWan is a network appliance from Fortinet, Inc. It is used to perform load balancing and fault tolerance across different networks.An operating system command injection vulnerability exists in versions prior to Fortinet FortiWAN 4.5.9. An attacker could exploit this vulnerability to...

9CVSS6.3AI score0.00239EPSS

Exploits0References3

CNNVD•added 2021/04/28 12:0 a.m.•2 views

Fortinet FortiWAN 授权问题漏洞

Fortinet FortiWAN is a network appliance from Fortinet, Inc. It is used to perform load balancing and fault tolerance between different networks. An authorization issue vulnerability exists in Fortinet FortiWAN that stems from an error in the authentication process. The following products and...

9.8CVSS5.4AI score0.60812EPSS

Exploits0References3

NVD•added 2016/09/21 2:25 p.m.•12 views

CVE-2016-4968

The linkreport/tmp/adminglobal page in Fortinet FortiWan formerly AscernLink before 4.2.5 allows remote authenticated users to discover administrator cookies via a GET request...

6.5CVSS6.2AI score0.03494EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by