333 matches found
Null pointer dereference
A null pointer dereference in Fortinet FortiOS before 7.2.5 and before 7.0.11, FortiProxy before 7.2.3 and before 7.0.9 allows an attacker to cause a denial of the SSL-VPN service via a specially crafted request in the network parameter...
Null pointer dereference
A null pointer dereference in Fortinet FortiOS before 7.2.5, before 7.0.11 and before 6.4.13, FortiProxy before 7.2.4 and before 7.0.10 allows an attacker to cause a denial of the SSL-VPN service via a specially crafted request in the bookmark parameter...
CVE-2023-33307
CVE-2023-33307 describes a NULL pointer dereference in Fortinet FortiOS (before 7.2.5 and before 7.0.11) and FortiProxy (before 7.2.3 and before 7.0.9) that can allow an attacker to cause a denial of the SSL-VPN service via specially crafted requests to the network parameter. The vulnerability af...
CVE-2023-33307
A null pointer dereference in Fortinet FortiOS before 7.2.5 and before 7.0.11, FortiProxy before 7.2.3 and before 7.0.9 allows an attacker to cause a denial of the SSL-VPN service via a specially crafted request in the network parameter...
CVE-2023-33307
A null pointer dereference in Fortinet FortiOS before 7.2.5 and before 7.0.11, FortiProxy before 7.2.3 and before 7.0.9 allows an attacker to cause a denial of the SSL-VPN service via a specially crafted request in the network parameter...
CVE-2023-33306
A null pointer dereference in Fortinet FortiOS before 7.2.5, before 7.0.11 and before 6.4.13, FortiProxy before 7.2.4 and before 7.0.10 allows an attacker to cause a denial of the SSL-VPN service via a specially crafted request in the bookmark parameter...
CVE-2023-33306
Concretely affects Fortinet FortiOS and FortiProxy: a NULL POINTER DEREFERENCE (CWE-476) in the SSL-VPN/related components allows remote, authenticated attackers to crash the service via crafted requests. Affected versions include FortiOS pre-7.2.5, pre-7.0.11, and pre-6.4.13, and FortiProxy pre-...
CVE-2023-33306
A null pointer dereference in Fortinet FortiOS before 7.2.5, before 7.0.11 and before 6.4.13, FortiProxy before 7.2.4 and before 7.0.10 allows an attacker to cause a denial of the SSL-VPN service via a specially crafted request in the bookmark parameter...
Fortinet Fortigate Heap buffer overflow in sslvpn pre-authentication (FG-IR-23-097)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-23-097 advisory. - A heap-based buffer overflow vulnerability (CWE-122) in FortiOS version 7.2.4 and below, version 7.0.11 and below, version...
Protect
A URL redirection to untrusted site ('Open Redirect') vulnerability (CWE-601) in FortiOS and FortiProxy sslvpnd may allow an authenticated attacker to redirect users to any arbitrary website via a crafted URL...
Exploit for Out-of-bounds Write in Fortinet Fortios
cve-2022-42475 POC code to exploit the Heap overflow in Fortin...
SonicWall SonicOS Security Misconfiguration (SNWLID-2023-0005)
According to its self-reported version, the remote SonicWall firewall is running a version of SonicOS that is affected by a security misconfiguration vulnerability, due to improper restriction of excessive MFA attempts in the SonicOS SSLVPN interface, which may allow a remote authenticated attack...
PT-2023-1862 · Fortinet · Fortiproxy +1
Name of the Vulnerable Software and Affected Versions: FortiOS versions 6.4.11 and earlier, 7.0.0 through 7.0.9, 7.2.0 through 7.2.3 FortiProxy versions 2.0.11 and earlier, 7.0.0 through 7.0.7, 7.2.0 through 7.2.1 Description: The issue is related to an access of uninitialized pointer vulnerabili...
CVE-2023-1101
SonicOS SSLVPN improper restriction of excessive MFA attempts vulnerability allows an authenticated attacker to use excessive MFA codes...
Design/Logic Flaw
SonicOS SSLVPN improper restriction of excessive MFA attempts vulnerability allows an authenticated attacker to use excessive MFA codes...
SonicOS SSLVPN Improper Restriction of Excessive MFA Attempts Vulnerability
SonicOS SSLVPN improper restriction of excessive MFA attempts vulnerability allows an authenticated attacker to use excessive MFA codes. CVE: CVE-2023-1101 Last updated: March 28, 2023, 11:32 a.m...
CVE-2023-1101
SonicOS SSLVPN improper restriction of excessive MFA attempts vulnerability allows an authenticated attacker to use excessive MFA codes...
CVE-2023-1101
SonicWall SonicOS SSLVPN is affected by CVE-2023-1101 due to an improper restriction of excessive MFA attempts. The vulnerability allows an authenticated attacker to submit many MFA codes, leading to potential abuse of MFA workflow. Connected sources (e.g., SonicWall PSIRT SNWLID-2023-0005) confi...
Exploit for Out-of-bounds Write in Fortinet Fortios
cve-2022-42475 POC code to exploit the Heap overflow in For...
Fortinet FortiOS SSLVPN Remote Code Execution Vulnerability
Fortinet FortiOS is a security operating system from Fortinet, a US-based company dedicated to the FortiGate network security platform. The system provides users with a variety of security features such as firewall, anti-virus, VPN, Web content filtering and anti-spam. Fortinet FortiOS SSLVPN remo...