CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

16 matches found

RedhatCVE•added 2025/10/15 3:47 p.m.•2 views

CVE-2025-58325

An Incorrect Provision of Specified Functionality vulnerability CWE-684 in FortiOS 7.6.0, 7.4.0 through 7.4.5, 7.2.5 through 7.2.10, 7.0.0 through 7.0.15, 6.4 all versions may allow a local authenticated attacker to execute system commands via crafted CLI commands...

8.2CVSS7AI score0.00021EPSS

Exploits0References1

Vulnrichment•added 2025/10/14 3:23 p.m.•3 views

CVE-2023-46718

A stack-based buffer overflow in Fortinet FortiOS version 7.4.0 through 7.4.1 and 7.2.0 through 7.2.7 and 7.0.0 through 7.0.12 and 6.4.6 through 6.4.15 and 6.2.9 through 6.2.16 and 6.0.13 through 6.0.18 allows attacker to execute unauthorized code or commands via specially crafted CLI commands...

6.7CVSS7.6AI score0.00023EPSS

Exploits0References1

Positive Technologies•added 2025/10/14 12:0 a.m.•3 views

PT-2025-41940

6.7CVSS8AI score0.00023EPSS

Exploits0References2

RedhatCVE•added 2025/05/22 6:52 p.m.•6 views

CVE-2021-43072

A buffer copy without checking size of input 'classic buffer overflow' in Fortinet FortiAnalyzer version 7.0.2 and below, version 6.4.7 and below, version 6.2.9 and below, version 6.0.11 and below, version 5.6.11 and below, FortiManager version 7.0.2 and below, version 6.4.7 and below, version...

6.7CVSS7.6AI score0.00067EPSS

Exploits0

Tenable Nessus•added 2024/10/26 12:0 a.m.•10 views

Fortinet Fortigate Stack-based buffer overflows via crafted CLI commands (FG-IR-21-206)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-21-206 advisory. - A buffer copy without checking size of input 'classic buffer overflow' in Fortinet FortiAnalyzer version 7.0.2 and below,...

6.7CVSS7.4AI score0.00067EPSS

Exploits0References2

CNNVD•added 2024/05/21 12:0 a.m.•0 views

Zyxel DX3300-T1 安全漏洞

The Zyxel DX3300-T1 is a WiFi 6 Mesh device from China's Hopkins Technology Zyxel. A security vulnerability exists in the Zyxel DX3300-T1 V5.50ABVY.4C00 firmware version that originates from a vulnerability that could allow an authenticated, local attacker to cause a denial of service by executin...

5.5CVSS6.4AI score0.00085EPSS

Exploits0References2

Prion•added 2023/05/01 5:15 p.m.•14 views

Buffer overflow

A buffer overflow vulnerability in the Zyxel NBG-418N v2 firmware versions prior to V1.00AARP.14C0 could allow a remote authenticated attacker with administrator privileges to cause denial-of-service DoS conditions by executing crafted CLI commands on a vulnerable device...

3.3CVSS5.3AI score0.0048EPSS

Exploits0References1Affected Software1

CISA KEV Catalog•added 2023/03/14 12:0 a.m.•37 views

Fortinet FortiOS Path Traversal Vulnerability

Fortinet FortiOS contains a path traversal vulnerability that may allow a local privileged attacker to read and write files via crafted CLI commands...

7.1CVSS6AI score0.00222EPSS

In wildExploits0

OSV•added 2023/03/07 5:15 p.m.•1 views

CVE-2022-41328

A improper limitation of a pathname to a restricted directory vulnerability 'path traversal' CWE-22 in Fortinet FortiOS version 7.2.0 through 7.2.3, 7.0.0 through 7.0.9 and before 6.4.11 allows a privileged attacker to read and write files on the underlying Linux system via crafted CLI commands...

7.1CVSS5.8AI score0.00222EPSS

Exploits0References2

OSV•added 2021/12/09 10:15 a.m.•0 views

CVE-2021-42759

A violation of secure design principles in Fortinet Meru AP version 8.6.1 and below, version 8.5.5 and below allows attacker to execute unauthorized code or commands via crafted cli commands...

6.7CVSS6.8AI score0.00114EPSS

Exploits0References1

Prion•added 2021/12/09 10:15 a.m.•13 views

Design/Logic Flaw

A violation of secure design principles in Fortinet Meru AP version 8.6.1 and below, version 8.5.5 and below allows attacker to execute unauthorized code or commands via crafted cli commands...

7.2CVSS6.8AI score0.00114EPSS

Exploits0References1Affected Software1

OSV•added 2020/03/04 7:15 p.m.•1 views

CVE-2020-3176

A vulnerability in Cisco Remote PHY Device Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability exists because the affected software does not properly sanitize user-supplied input. An...

6.7CVSS6.8AI score0.00107EPSS

Exploits0References1

NVD•added 2017/08/22 3:29 p.m.•14 views

CVE-2015-3617

Fortinet FortiManager 5.0 before 5.0.11 and 5.2 before 5.2.2 allow local users to gain privileges via crafted CLI commands...

7.8CVSS7.7AI score0.00066EPSS

Exploits0References3

Cvelist•added 2016/06/04 2:0 p.m.•15 views

CVE-2016-1403

CISCO IP 8800 phones with software 11.0.1 and earlier allow local users to gain privileges for OS command execution via crafted CLI commands, aka Bug ID CSCuz03005...

7.9AI score0.00247EPSS

Exploits0References1

Prion•added 2015/10/13 12:59 a.m.•15 views

Design/Logic Flaw

Cisco Aironet 1850 access points with software 8.1112.4 allow local users to gain privileges via crafted CLI commands, aka Bug ID CSCuv79694...

7.2CVSS7.1AI score0.00093EPSS

Exploits0References2Affected Software1

Cvelist•added 2015/10/13 12:0 a.m.•14 views

CVE-2015-6315

Cisco Aironet 1850 access points with software 8.1112.4 allow local users to gain privileges via crafted CLI commands, aka Bug ID CSCuv79694...

6.6AI score0.00093EPSS

Exploits0References2