CVE-2026-25690

An improper neutralization of argument delimiters in a command 'argument injection' vulnerability in Fortinet FortiDeceptor 6.0.0 through 6.0.2, FortiDeceptor 5.3.0 through 5.3.3, FortiDeceptor 5.2.0 through 5.2.1, FortiDeceptor 5.1 all versions, FortiDeceptor 5.0 all versions may allow an...

Fortinet FortiSandbox 跨站脚本漏洞

Fortinet FortiSandbox is an APT Advanced Persistent Threat protection device developed by the American company Fortinet. This device offers features such as dual sandbox technology, dynamic threat intelligence systems, a real-time control panel, and reporting capabilities. Versions of Fortinet...

CVE-2025-53608

An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability CWE-79 vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.2, FortiSandbox 4.4.0 through 4.4.7, FortiSandbox 4.2 all versions, FortiSandbox 4.0 all versions may allow an authenticated privileg...

PT-2025-47352

Name of the Vulnerable Software and Affected Versions Fortinet FortiExtender versions 7.0 all versions Fortinet FortiExtender versions 7.2 all versions Fortinet FortiExtender versions 7.4.0 through 7.4.6 Fortinet FortiExtender versions 7.6.0 through 7.6.1 Description An issue exists in Fortinet...

CVE-2025-64446

A relative path traversal vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.4, FortiWeb 7.4.0 through 7.4.9, FortiWeb 7.2.0 through 7.2.11, FortiWeb 7.0.0 through 7.0.11 may allow an attacker to execute administrative commands on the system via crafted HTTP or HTT...

EUVD-2006-1966

Malware in sbrugna...

VulnCheck KEV: CVE-2025-25257

An improper neutralization of special elements used in an SQL command 'SQL Injection' vulnerability CWE-89 vulnerability in Fortinet FortiWeb 7.6.0 through 7.6.3, FortiWeb 7.4.0 through 7.4.7, FortiWeb 7.2.0 through 7.2.10, FortiWeb 7.0.0 through 7.0.10 allows an unauthenticated attacker to execu...

Fortinet FortiManager and Fortinet FortiManager Cloud Command Injection Vulnerabilities

Fortinet FortiManager and Fortinet FortiManager Cloud are both products of Fortinet, a centralized network security management platform. The platform supports centralized management of any number of Fortinet devices, and can group devices into different management domains ADOM to further simplify...

PT-2025-6624 · Fortinet · Fortinet Product

Name of the Vulnerable Software and Affected Versions: Fortinet Product affected versions not specified Description: The issue impacts Fortinet Product. No additional details are provided about the nature of the problem or its potential impact. Recommendations: At the moment, there is no...

JVN#83855727: FortiWeb vulnerable to SQL injection

FortiWeb provided by Fortinet, Inc. contains an SQL injection vulnerability CWE-89, CVE-2024-55593. Impact Information in the FortiWeb database may be obtained by a user who can log in to the product. Solution Update the software Update the software to the latest version according to the...

CVE-2023-37937

An improper neutralization of special elements used in an os command 'os command injection' in Fortinet FortiSwitch version 7.4.0 and 7.2.0 through 7.2.5 and 7.0.0 through 7.0.7 and 6.4.0 through 6.4.13 and 6.2.0 through 6.2.7 and 6.0.0 through 6.0.7 allows attacker to execute unauthorized code o...

CVE-2024-31490

An exposure of sensitive information to an unauthorized actor vulnerability in Fortinet FortiSandbox 4.4.0 through 4.4.4, FortiSandbox 4.2.1 through 4.2.6, FortiSandbox 4.0 all versions, FortiSandbox 3.2.2 through 3.2.4, FortiSandbox 3.1.5 allows attacker to information disclosure via HTTP get...

CVE-2022-27486

A improper neutralization of special elements used in an os command 'os command injection' in Fortinet FortiDDoS version 5.5.0 through 5.5.1, 5.4.2 through 5.4.0, 5.3.0 through 5.3.1, 5.2.0, 5.1.0, 5.0.0, 4.7.0, 4.6.0 and 4.5.0 and FortiDDoS-F version 6.3.0 through 6.3.1, 6.2.0 through 6.2.2, 6.1...

PT-2024-4054 · Fortinet · Fortiauthenticator

Name of the Vulnerable Software and Affected Versions: Fortinet FortiAuthenticator versions 6.4.9 and below Fortinet FortiAuthenticator versions 6.5.3 and below Fortinet FortiAuthenticator version 6.6.0 Description: The issue is related to an open redirect in the Fortinet FortiAuthenticator, whic...

Fortinet FortiSIEM 加密问题漏洞

Fortinet FortiSIEM is a suite of security information and event management systems from the American company Fiat Fortinet. The system includes features such as asset discovery, workflow automation and unified management. A security vulnerability exists in Fortinet FortiSIEM versions prior to 6.7...

Fortinet FortiNAC 加密问题漏洞

Fortinet FortiNAC is a set of network access control solutions from the U.S. company Fita Fortinet. The product is primarily used for network access control and IoT security. A security vulnerability exists in Fortinet FortiNAC that stems from the use of a weak encryption algorithm vulnerability...

Fortinet FortiClient 安全漏洞

Fortinet FortiClient is a structured agent from Fortinet, Inc. It is used to provide protection, compliance, and secure access in a single modular lightweight client. A security vulnerability exists in FortiClient Mac that stems from allowing a local attacker to modify the installer to elevate...

Fortinet FortiAuthenticator 操作系统命令注入漏洞

Fortinet FortiAuthenticator is a centralized user identity management solution from Fortinet, Inc. A security vulnerability exists in Fortinet FortiAuthenticator that allows an authenticated attacker to execute unauthorized commands with parameters specifically designed for existing commands by...

Fortinet FortiDeceptor Operating System Command Injection Vulnerability

Fortinet FortiDeceptor is a cyber threat detection platform from the American company Fiat Fortinet. The platform focuses on exposing cyber threats through deception techniques, among other things. A security vulnerability exists in FortiDeceptor 3.0.0, 3.0.1, 3.1.0 that could allow a remote user...

Fortinet FortiOS Cross-Site Scripting Vulnerability (CNVD-2019-16229)

Fortinet FortiOS is a set of security operating system dedicated to FortiGate network security platform from American Fita Fortinet. The system provides users with firewall, antivirus, IPSec/SSLVPN, Web content filtering and anti-spam and other security features. A cross-site scripting...