CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

SonicWall•added 2019/12/18 10:11 p.m.•4 views

SonicOS SSLVPN NACAgent 3.5 windows binary is vulnerable to Unquoted Service Path Privilege Escalation vulnerability

Installation of the SonicOS SSLVPN NACagent 3.5 on the Windows operating system, an autorun value is created does not put the path in quotes, so if a malicious binary by an attacker within the parent path could allow code execution. CVE: CVE-2019-7487 Last updated: Dec. 18, 2019, 10:11 p.m...

7CVSS7.2AI score0.00038EPSS

NVD•added 2019/11/21 3:15 p.m.•10 views

CVE-2019-15704

A clear text storage of sensitive information vulnerability in FortiClient for Mac may allow a local attacker to read sensitive information logged in the console window when the user connects to an SSL VPN Gateway...

5.5CVSS5.2AI score0.00025EPSS

ThreatPost•added 2019/10/08 12:44 p.m.•296 views

APT Groups Exploiting Flaws in Unpatched VPNs, Officials Warn

State-sponsored advanced persistent threat APT groups are using flaws in outdated VPN technologies from Palo Alto Networks, Fortinet and Pulse Secure to carry out cyber attacks on targets in the United States and overseas, warned U.S. and U.K. officials. The National Security Agency NSA issued a...

7.5CVSS9.2AI score0.94473EPSS

Exploits56References13

Packet Storm•added 2019/08/19 12:0 a.m.•361 views

FortiOS 5.6.7 / 6.0.4 Credential Disclosure

Exploit Title: FortiOS Leak file - Reading login/passwords in clear text. Google Dork: intext:"Please Login" inurl:"/remote/login" Date: 17/08/2019 Exploit Author: Carlos E. Vieira Vendor Homepage: https://www.fortinet.com/ Software Link: https://www.fortinet.com/products/fortigate/fortios.html...

5CVSS10AI score0.94473EPSS

Exploits21

exploitpack•added 2019/08/19 12:0 a.m.•260 views

FortiOS 5.6.3 - 5.6.7 FortiOS 6.0.0 - 6.0.4 - Credentials Disclosure

FortiOS 5.6.3 - 5.6.7 FortiOS 6.0.0 - 6.0.4 - Credentials Disclosure Exploit Title: FortiOS Leak file - Reading login/passwords in clear text. Google Dork: intext:"Please Login" inurl:"/remote/login" Date: 17/08/2019 Exploit Author: Carlos E. Vieira Vendor Homepage: https://www.fortinet.com/...

5CVSS10AI score0.94473EPSS

Exploits21

Exploit DB•added 2019/08/19 12:0 a.m.•658 views

Fortinet FortiOS 5.6.3 - 5.6.7 / FortiOS 6.0.0 - 6.0.4 - Credentials Disclosure

Exploit Title: Fortinet FortiOS Leak file - Reading login/passwords in clear text. Google Dork: intext:"Please Login" inurl:"/remote/login" Date: 17/08/2019 Exploit Author: Carlos E. Vieira Vendor Homepage: https://www.fortinet.com/ Software Link:...

9.8CVSS9.9AI score0.94473EPSS

Exploits21

0day.today•added 2019/05/28 12:0 a.m.•120 views

Cyberoam SSLVPN Client 1.3.1.30 Connect To Server / HTTP Proxy Denial Of Service Exploit

Exploit Title: Cyberoam SSLVPN Client 1.3.1.30 - 'Connect To Server' Denial of Service PoC Discovery by: Victor Mondragón Vendor Homepage: https://www.cyberoam.com Software Link: https://download.cyberoam.com/solution/optionals/i18n/CrSSLv1.3.1.30.zip Tested Version: 1.3.1.30 Tested on: Windows...

0day.today•added 2019/05/24 12:0 a.m.•123 views

Cyberoam SSLVPN Client 1.3.1.30 - (HTTP Proxy) Denial of Service Exploit

Exploit Title: Cyberoam SSLVPN Client 1.3.1.30 - 'HTTP Proxy' Denial of Service PoC Discovery by: Victor Mondragón Vendor Homepage: https://www.cyberoam.com Software Link: https://download.cyberoam.com/solution/optionals/i18n/CrSSLv1.3.1.30.zip Tested Version: 1.3.1.30 Tested on: Windows Windows ...

exploitpack•added 2019/05/24 12:0 a.m.•12 views

Cyberoam SSLVPN Client 1.3.1.30 - HTTP Proxy Denial of Service (PoC)

Cyberoam SSLVPN Client 1.3.1.30 - HTTP Proxy Denial of Service PoC Exploit Title: Cyberoam SSLVPN Client 1.3.1.30 - 'HTTP Proxy' Denial of Service PoC Discovery by: Victor Mondragón Discovery Date: 2019-05-23 Vendor Homepage: https://www.cyberoam.com Software Link:...

7.3AI score

0day.today•added 2019/05/24 12:0 a.m.•128 views

Cyberoam SSLVPN Client 1.3.1.30 - (Connect To Server) Denial of Service Exploit

Packet Storm•added 2019/05/24 12:0 a.m.•81 views

Cyberoam SSLVPN Client 1.3.1.30 Connect To Server / HTTP Proxy Denial Of Service

Exploit Title: Cyberoam SSLVPN Client 1.3.1.30 - 'Connect To Server' Denial of Service PoC Discovery by: Victor Mondragón Discovery Date: 2019-05-23 Vendor Homepage: https://www.cyberoam.com Software Link: https://download.cyberoam.com/solution/optionals/i18n/CrSSLv1.3.1.30.zip Tested Version:...

Exploit DB•added 2019/05/24 12:0 a.m.•201 views

Cyberoam SSLVPN Client 1.3.1.30 - 'Connect To Server' Denial of Service (PoC)

Exploit DB•added 2019/05/24 12:0 a.m.•154 views

Cyberoam SSLVPN Client 1.3.1.30 - 'HTTP Proxy' Denial of Service (PoC)

Exploit Title: Cyberoam SSLVPN Client 1.3.1.30 - 'HTTP Proxy' Denial of Service PoC Discovery by: Victor Mondragón Discovery Date: 2019-05-23 Vendor Homepage: https://www.cyberoam.com Software Link: https://download.cyberoam.com/solution/optionals/i18n/CrSSLv1.3.1.30.zip Tested Version: 1.3.1.30...

exploitpack•added 2019/05/24 12:0 a.m.•10 views

Cyberoam SSLVPN Client 1.3.1.30 - Connect To Server Denial of Service (PoC)

Cyberoam SSLVPN Client 1.3.1.30 - Connect To Server Denial of Service PoC Exploit Title: Cyberoam SSLVPN Client 1.3.1.30 - 'Connect To Server' Denial of Service PoC Discovery by: Victor Mondragón Discovery Date: 2019-05-23 Vendor Homepage: https://www.cyberoam.com Software Link:...

0.1AI score

NVD•added 2018/04/26 8:29 p.m.•15 views

CVE-2017-17543

Users' VPN authentication credentials are unsafely encrypted in Fortinet FortiClient for Windows 5.6.0 and below versions, FortiClient for Mac OSX 5.6.0 and below versions and FortiClient SSLVPN Client for Linux 4.4.2335 and below versions, due to the use of a static encryption key and weak...

7.5CVSS7.6AI score0.00068EPSS

Vulnrichment•added 2018/04/26 8:0 p.m.•6 views

CVE-2017-17543

7.3AI score0.00068EPSS