Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 11:42 p.m.4 views

CVE-2022-41328

A improper limitation of a pathname to a restricted directory vulnerability 'path traversal' CWE-22 in Fortinet FortiOS version 7.2.0 through 7.2.3, 7.0.0 through 7.0.9 and before 6.4.11 allows a privileged attacker to read and write files on the underlying Linux system via crafted CLI commands...

7.1CVSS7.7AI score0.12316EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2024/06/19 3:9 p.m.97 views

UNC3886 Uses Fortinet, VMware 0-Days and Stealth Tactics in Long-Term Spying

The China-nexus cyber espionage actor linked to the zero-day exploitation of security flaws in Fortinet, Ivanti, and VMware devices has been observed utilizing multiple persistence mechanisms in order to maintain unfettered access to compromised environments. "Persistence mechanisms encompassed...

9.8CVSS8AI score0.99474EPSS
Exploits13
The Hacker News
The Hacker News
added 2023/03/18 11:30 a.m.150 views

Chinese Hackers Exploit Fortinet Zero-Day Flaw for Cyber Espionage Attack

The zero-day exploitation of a now-patched medium-severity security flaw in the Fortinet FortiOS operating system has been linked to a suspected Chinese hacking group. American cybersecurity company Mandiant, which made the attribution, said the activity cluster is part of a broader campaign...

7.1CVSS7.7AI score0.12316EPSS
Exploits0
The Hacker News
The Hacker News
added 2023/03/14 6:1 a.m.149 views

Fortinet FortiOS Flaw Exploited in Targeted Cyberattacks on Government Entities

Government entities and large organizations have been targeted by an unknown threat actor by exploiting a security flaw in Fortinet FortiOS software to result in data loss and OS and file corruption. "The complexity of the exploit suggests an advanced actor and that it is highly targeted at...

9.8CVSS0.2AI score0.99474EPSS
Exploits11
Circl
Circl
added 2023/03/07 8:23 p.m.22 views

CVE-2022-41328

creationtimestamp| type| source ---|---|--- 2023-03-07 20:23:36+00:00| seen| https://t.me/cibsecurity/59597 2023-03-08 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=983 2023-03-14 07:05:01+00:00| exploited| https://t.me/thehackernews/3145 2023-03-14 12:25:07+00:00|...

7.1CVSS7AI score0.12316EPSS
Exploits0References22
CVE
CVE
added 2023/03/07 4:4 p.m.788 views

CVE-2022-41328

CVE-2022-41328 (Fortinet FortiOS path traversal) : A path traversal vulnerability in Fortinet FortiOS 7.2.0–7.2.3, 7.0.0–7.0.9, and pre-6.4.11 allows a privileged attacker to read and write files on the underlying Linux system via crafted CLI commands (CWE-22). The issue is documented across mult...

7.1CVSS7.9AI score0.12316EPSS
In wildExploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2023/03/07 12:0 a.m.57 views

CVE-2022-41328

A improper limitation of a pathname to a restricted directory vulnerability ‘path traversal’ CWE-22 in Fortinet FortiOS version 7.2.0 through 7.2.3, 7.0.0 through 7.0.9 and before 6.4.11 allows a privileged attacker to read and write files on the underlying Linux system via crafted CLI commands...

7.1CVSS6.6AI score0.12316EPSS
In wildExploits0References2
Rows per page
Query Builder