Lucene search
K

6 matches found

VulnCheck KEV
VulnCheck KEV
added 2026/01/15 12:0 a.m.7 views

VulnCheck KEV: CVE-2025-64155

An improper neutralization of special elements used in an os command 'os command injection' vulnerability in Fortinet FortiSIEM 7.4.0, FortiSIEM 7.3.0 through 7.3.4, FortiSIEM 7.1.0 through 7.1.8, FortiSIEM 7.0.0 through 7.0.4, FortiSIEM 6.7.0 through 6.7.10 may allow an attacker to execute...

9.8CVSS6AI score0.42649EPSS
In wildExploits4References2
RedhatCVE
RedhatCVE
added 2025/06/12 5:5 p.m.8 views

CVE-2024-32119

An improper authentication vulnerability CWE-287 in Fortinet FortiClientEMS version 7.4.0 and before 7.2.4 allows an unauthenticated attacker with the knowledge of the targeted user's FCTUID and VDOM to perform operations such as uploading or tagging on behalf of the targeted user via specially...

4.8CVSS5.3AI score0.00288EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/10/26 12:0 a.m.24 views

Fortinet Fortigate TCP Middlebox Reflection (FG-IR-22-073)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-22-073 advisory. - A improper verification of source of a communication channel in Fortinet FortiOS with IPS engine version 7.201 through 7.21...

7.5CVSS7.3AI score0.01265EPSS
Exploits0References3
Prion
Prion
added 2023/07/18 6:15 p.m.15 views

Authentication flaw

Missing Authentication for a Critical Function within the Kratos NGC Indoor Unit IDU before 11.4 allows remote attackers to obtain arbitrary control of the IDU/ODU system. Any attacker with layer-3 network access to the IDU can impersonate the Touch Panel Unit TPU within the IDU by sending crafte...

7.5CVSS9.3AI score0.00658EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/07/18 12:0 a.m.25 views

CVE-2023-36669

Missing Authentication for a Critical Function within the Kratos NGC Indoor Unit IDU before 11.4 allows remote attackers to obtain arbitrary control of the IDU/ODU system. Any attacker with layer-3 network access to the IDU can impersonate the Touch Panel Unit TPU within the IDU by sending crafte...

9.6AI score0.00658EPSS
Exploits0References2
Prion
Prion
added 2022/09/06 6:15 p.m.21 views

Input validation

A improper verification of source of a communication channel in Fortinet FortiOS with IPS engine version 7.201 through 7.214, 7.001 through 7.113, 6.001 through 6.121, 5.001 through 5.258 and before 4.086 allows a remote and unauthenticated attacker to trigger the sending of "blocked page" HTML...

5CVSS7.5AI score0.01265EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder