Fortinet FortiOS - Information Disclosure (FG-IR-22-364)

The version of FortiOS installed on the remote host is therefore, affected by a information disclosure vulnerability. An exposure of sensitive information to an unauthorized actor vulnerability in FortiOS and FortiProxy may allow an unauthenticated attacker to obtain sensitive logging information...

Fastly Secret Disclosure

Correspondence from Fastly declined to comment regarding new discovered vulnerabilities within their website. Poor practices regarding password changes. 1. Reset user password 2. Access link sent 3. Temporary password sent plaintext // HTTP POST request POST...

Fortinet Fortigate Access of NULL pointer in SSLVPNd (FG-IR-22-477)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-22-477 advisory. - An access of uninitialized pointer vulnerability CWE-824 in the SSL VPN portal of Fortinet FortiOS version 7.2.0 through...

CVE-2022-41329

An exposure of sensitive information to an unauthorized actor vulnerability CWE-200 in Fortinet FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.7, FortiOS version 7.2.0 through 7.2.3 and 7.0.0 through 7.0.9 allows an unauthenticated attackers to obtain sensitive logging informations ...

Design/Logic Flaw

An access of uninitialized pointer vulnerability CWE-824 in the SSL VPN portal of Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.9 and before 6.4.11 and FortiProxy version 7.2.0 through 7.2.1, version 7.0.0 through 7.0.7 and before 2.0.11 allows a remote authenticated...

CVE-2022-41329

An exposure of sensitive information to an unauthorized actor vulnerability CWE-200 in Fortinet FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.7, FortiOS version 7.2.0 through 7.2.3 and 7.0.0 through 7.0.9 allows an unauthenticated attackers to obtain sensitive logging informations ...

CVE-2022-45861

An access of uninitialized pointer vulnerability CWE-824 in the SSL VPN portal of Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.9 and before 6.4.11 and FortiProxy version 7.2.0 through 7.2.1, version 7.0.0 through 7.0.7 and before 2.0.11 allows a remote authenticated...

CVE-2022-45861

An access of uninitialized pointer vulnerability CWE-824 in the SSL VPN portal of Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.9 and before 6.4.11 and FortiProxy version 7.2.0 through 7.2.1, version 7.0.0 through 7.0.7 and before 2.0.11 allows a remote authenticated...

CVE-2023-1097

Baicells EG7035-M11 devices with firmware through BCE-ODU-1.0.8 are vulnerable to improper code exploitation via HTTP GET command injections. Commands are executed using pre-login execution and executed with root permissions. The following methods have been tested and validated by a 3rd party...

CVE-2023-1097 Unauthenticated Command Injection EG7035-M11 Series

Baicells EG7035-M11 devices with firmware through BCE-ODU-1.0.8 are vulnerable to improper code exploitation via HTTP GET command injections. Commands are executed using pre-login execution and executed with root permissions. The following methods have been tested and validated by a 3rd party...

Fortinet FortiWeb Path Traversal Vulnerability (CNVD-2023-18293)

Fortinet FortiWeb is a web application layer firewall from Fortinet that blocks threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning and other attacks, secures web applications and protects sensitive database content. A path traversal vulnerability exists that...

PT-2023-16751 · Baicells · Baicells Eg7035-M11

Name of the Vulnerable Software and Affected Versions: Baicells EG7035-M11 devices with firmware through BCE-ODU-1.0.8 Description: The issue concerns improper code exploitation via HTTP GET command injections. Commands are executed using pre-login execution and are executed with root permissions...

CVE-2023-22638

Several improper neutralization of inputs during web page generation vulnerability CWE-79 in FortiNAC 9.4.1 and below, 9.2.6 and below, 9.1.8 and below, 8.8.11 and below, 8.7.6 and below, 8.6.5 and below, 8.5.4 and below, 8.3.7 and below may allow an authenticated attacker to perform several XSS...

CVE-2022-30300

A relative path traversal vulnerability CWE-23 in FortiWeb 7.0.0 through 7.0.1, 6.3.6 through 6.3.18, 6.4 all versions may allow an authenticated attacker to obtain unauthorized access to files and data via specifically crafted HTTP GET requests...

CVE-2023-22638

Several improper neutralization of inputs during web page generation vulnerability CWE-79 in FortiNAC 9.4.1 and below, 9.2.6 and below, 9.1.8 and below, 8.8.11 and below, 8.7.6 and below, 8.6.5 and below, 8.5.4 and below, 8.3.7 and below may allow an authenticated attacker to perform several XSS...

CVE-2023-22638

FortiNAC is affected by CVE-2023-22638. The vulnerability is an improper neutralization of inputs in the web page generation, enabling authenticated attackers to perform multiple XSS attacks via crafted HTTP GET requests. Affected FortiNAC versions: 9.4.1 and below, 9.2.6 and below, 9.1.8 and bel...

CVE-2022-30300

CVE-2022-30300 is a relative path traversal vulnerability in FortiWeb affecting 6.3.6–6.3.18, all 6.4 versions, and 7.0.0–7.0.1. The issue arises in the API handler, allowing an authenticated attacker to access files and data via crafted HTTP GET requests. References include FortiGuard FG-IR-22-1...

CVE-2022-30300

A relative path traversal vulnerability CWE-23 in FortiWeb 7.0.0 through 7.0.1, 6.3.6 through 6.3.18, 6.4 all versions may allow an authenticated attacker to obtain unauthorized access to files and data via specifically crafted HTTP GET requests...

CVE-2022-30300

A relative path traversal vulnerability CWE-23 in FortiWeb 7.0.0 through 7.0.1, 6.3.6 through 6.3.18, 6.4 all versions may allow an authenticated attacker to obtain unauthorized access to files and data via specifically crafted HTTP GET requests...

FortiWeb - Path traversal in API handler

A relative path traversal vulnerability CWE-23 in FortiWeb may allow an authenticated attacker to obtain unauthorized access to files and data via specifically crafted HTTP GET requests...