35 matches found
CVE-2024-32116
Multiple relative path traversal vulnerabilities CWE-23 in Fortinet FortiManager version 7.4.0 through 7.4.2 and before 7.2.5, FortiAnalyzer version 7.4.0 through 7.4.2 and before 7.2.5 and FortiAnalyzer-BigData version 7.4.0 and before 7.2.7 allows a privileged attacker to delete files from the...
CVE-2024-32116
Multiple relative path traversal vulnerabilities CWE-23 in Fortinet FortiManager version 7.4.0 through 7.4.2 and before 7.2.5, FortiAnalyzer version 7.4.0 through 7.4.2 and before 7.2.5 and FortiAnalyzer-BigData version 7.4.0 and before 7.2.7 allows a privileged attacker to delete files from the...
Fortinet Fortigate - Path traversal vulnerability allows VDOM escaping (FG-IR-22-401)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-22-401 advisory. - A relative path traversal vulnerability CWE-23 in Fortinet FortiOS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.8 and...
CVE-2023-29177
Multiple buffer copy without checking size of input 'classic buffer overflow' vulnerabilities CWE-120 in FortiADC version 7.2.0 and before 7.1.2 & FortiDDoS-F version 6.5.0 and before 6.4.1 allows a privileged attacker to execute arbitrary code or commands via specifically crafted CLI requests...
Buffer overflow
Multiple buffer copy without checking size of input 'classic buffer overflow' vulnerabilities CWE-120 in FortiADC version 7.2.0 and before 7.1.2 & FortiDDoS-F version 6.5.0 and before 6.4.1 allows a privileged attacker to execute arbitrary code or commands via specifically crafted CLI requests...
CVE-2023-29177
Multiple buffer copy without checking size of input 'classic buffer overflow' vulnerabilities CWE-120 in FortiADC version 7.2.0 and before 7.1.2 & FortiDDoS-F version 6.5.0 and before 6.4.1 allows a privileged attacker to execute arbitrary code or commands via specifically crafted CLI requests...
CVE-2023-29177
Multiple buffer copy without checking size of input 'classic buffer overflow' vulnerabilities CWE-120 in FortiADC version 7.2.0 and before 7.1.2 & FortiDDoS-F version 6.5.0 and before 6.4.1 allows a privileged attacker to execute arbitrary code or commands via specifically crafted CLI requests...
CVE-2023-26210
Multiple improper neutralization of special elements used in an os command 'OS Command Injection' vulnerabilties CWE-78 vulnerability in Fortinet allows a local authenticated attacker to execute arbitrary shell code as root user via crafted CLI requests...
CVE-2023-26210
Multiple improper neutralization of special elements used in an os command 'OS Command Injection' vulnerabilties CWE-78 vulnerability in Fortinet allows a local authenticated attacker to execute arbitrary shell code as root user via crafted CLI requests...
FortiADC & FortiADC Manager - Command injection vulnerabilities in cli commands
Multiple improper neutralization of special elements used in an os command 'OS Command Injection' vulnerabilties CWE-78 in FortiADC & FortiADC Manager may allow a local authenticated attacker to execute arbitrary shell code as root user via crafted CLI requests...
Fortinet FortiOS - Path Traversal Vulnerability (FG-IR-22-401)
The version of FortiOS installed on the remote host is affected by a path traversal vulnerability. A relative path traversal vulnerability CWE-23 in FortiOS and FortiProxy may allow privileged VDOM administrators to escalate their privileges to super admin of the box via crafted CLI requests. Not...
CVE-2022-42476
A relative path traversal vulnerability CWE-23 in Fortinet FortiOS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.8 and before 6.4.11, FortiProxy version 7.2.0 through 7.2.2 and 7.0.0 through 7.0.8 allows privileged VDOM administrators to escalate their privileges to super admin of the box via...
Path traversal
A relative path traversal vulnerability CWE-23 in Fortinet FortiOS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.8 and before 6.4.11, FortiProxy version 7.2.0 through 7.2.2 and 7.0.0 through 7.0.8 allows privileged VDOM administrators to escalate their privileges to super admin of the box via...
CVE-2022-42476
A relative path traversal vulnerability CWE-23 in Fortinet FortiOS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.8 and before 6.4.11, FortiProxy version 7.2.0 through 7.2.2 and 7.0.0 through 7.0.8 allows privileged VDOM administrators to escalate their privileges to super admin of the box via...
Protect
A relative path traversal vulnerability CWE-23 in FortiOS and FortiProxy may allow privileged VDOM administrators to escalate their privileges to super admin of the box via crafted CLI requests...