1117 matches found
CVE-2026-59840
Fortinet FortiOS (7.6.0–7.6.2, 7.4.0–7.4.8, 7.2 all) and FortiProxy (7.6.0–7.6.5, 7.4.0–7.4.13, 7.2 all) are affected by a buffer over-read that may lead to information disclosure. Root cause described as a buffer over-read affecting multiple Fortinet products; the exact attack vector is not spec...
CVE-2026-23573
Technical details for CVE-2026-23573 are not publicly available in the provided documents. Monitor for updates from Fortinet PSIRTs and NVD for affected products and fixes.
CVE-2026-59839
CVE-2026-59839 describes a path traversal vulnerability: improper limitation of a pathname to a restricted directory in Fortinet products, affecting FortiOS (versions 7.6.0–7.6.6, 7.4.0–7.4.9, 7.2.x, 7.0.x, 6.4.x), FortiPAM (1.8.0 down to 1.0, all 1.x releases), and FortiProxy (7.6.0–7.6.5, 7.4–7...
CVE-2025-62675
The CVE-2025-62675 entry concerns an issue described as an Improper Neutralization of CRLF Sequences in HTTP Headers (HTTP Response Splitting) in Fortinet FortiOS and FortiProxy products. Affected versions are FortiOS 7.6.0–7.6.4, FortiOS 7.4 all versions, FortiOS 7.2 all versions, FortiProxy 7.6...
CVE-2026-59837
Fortinet vulnerability CVE-2026-59837 affects FortiOS (7.4.0–7.4.1, 7.2 all), FortiPAM (1.0–1.8.2), and FortiProxy (7.2 all, 7.4.0–7.4.13). The issue is a stack-based buffer overflow exploitable by a privileged authenticated attacker who can bypass stack protection and ASLR, via crafted HTTP requ...
Fortinet - Authentication Bypass
Fortinet contains an authentication bypass vulnerability via using an alternate path or channel in FortiOS 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy 7.2.0 and 7.0.0 through 7.0.6, and FortiSwitchManager 7.2.0 and 7.0.0. An attacker can perform operations on the administrative...
Fortinet FortiOS - Credentials Disclosure
Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to download system files via special crafted HTTP resource requests due to improper limitation of a...
CVE-2025-67862
An Internal Asset Exposed to Unsafe Debug Access Level or State vulnerability CWE-1244 vulnerability in Fortinet FortiOS 7.6.0 through 7.6.2, FortiOS 7.4.0 through 7.4.7, FortiOS 7.2.0 through 7.2.10, FortiOS 7.0.0 through 7.0.16, FortiOS 6.4 all versions, FortiProxy 7.6.0 through 7.6.3, FortiPro...
EUVD-2025-210085
An Internal Asset Exposed to Unsafe Debug Access Level or State vulnerability CWE-1244 vulnerability in Fortinet FortiOS 7.6.0 through 7.6.2, FortiOS 7.4.0 through 7.4.7, FortiOS 7.2.0 through 7.2.10, FortiOS 7.0.0 through 7.0.16, FortiOS 6.4 all versions, FortiProxy 7.6.0 through 7.6.3, FortiPro...
CVE-2025-67862
An Internal Asset Exposed to Unsafe Debug Access Level or State vulnerability CWE-1244 vulnerability in Fortinet FortiOS 7.6.0 through 7.6.2, FortiOS 7.4.0 through 7.4.7, FortiOS 7.2.0 through 7.2.10, FortiOS 7.0.0 through 7.0.16, FortiOS 6.4 all versions, FortiProxy 7.6.0 through 7.6.3, FortiPro...
CVE-2025-67862
Technical details for CVE-2025-67862 are not publicly available in the provided documents. Monitor for updates.
CVE-2025-67862
An Internal Asset Exposed to Unsafe Debug Access Level or State vulnerability CWE-1244 vulnerability in Fortinet FortiOS 7.6.0 through 7.6.2, FortiOS 7.4.0 through 7.4.7, FortiOS 7.2.0 through 7.2.10, FortiOS 7.0.0 through 7.0.16, FortiOS 6.4 all versions, FortiProxy 7.6.0 through 7.6.3, FortiPro...
CVE-2025-67862
An Internal Asset Exposed to Unsafe Debug Access Level or State vulnerability CWE-1244 vulnerability in Fortinet FortiOS 7.6.0 through 7.6.2, FortiOS 7.4.0 through 7.4.7, FortiOS 7.2.0 through 7.2.10, FortiOS 7.0.0 through 7.0.16, FortiOS 6.4 all versions, FortiProxy 7.6.0 through 7.6.3, FortiPro...
Fortinet FortiOS和Fortinet FortiProxy 安全漏洞
Fortinet FortiOS and Fortinet FortiProxy are products of the American company Fortinet. Fortinet FortiOS is a security operating system specifically designed for the FortiGate network security platform. This system provides users with various security features, including firewalls, antivirus...
Fortinet Fortigate Restricted CLI escape using Lua (FG-IR-26-143)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-26-143 advisory. - An Internal Asset Exposed to Unsafe Debug Access Level or State vulnerability CWE-1244 vulnerability in Fortinet FortiOS...
PT-2026-47805
Name of the Vulnerable Software and Affected Versions FortiOS versions 7.6.0 through 7.6.2 FortiOS versions 7.4.0 through 7.4.7 FortiOS versions 7.2.0 through 7.2.10 FortiOS versions 7.0.0 through 7.0.16 FortiOS versions 6.4 all versions FortiProxy versions 7.6.0 through 7.6.3 FortiProxy versions...
CVE-2025-61624
An Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' CWE-22 vulnerability in Fortinet FortiOS 7.6.0 through 7.6.4, FortiOS 7.4.0 through 7.4.9, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiPAM 1.7.0, FortiPAM 1.6 all versions,...
EUVD-2025-209452
An Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' CWE-22 vulnerability in Fortinet FortiOS 7.6.0 through 7.6.4, FortiOS 7.4.0 through 7.4.9, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiPAM 1.7.0, FortiPAM 1.6 all versions,...
CVE-2025-61624
An Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' CWE-22 vulnerability in Fortinet FortiOS 7.6.0 through 7.6.4, FortiOS 7.4.0 through 7.4.9, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiPAM 1.7.0, FortiPAM 1.6 all versions,...
Fortinet多款产品 SQL注入漏洞
Fortinet FortiOS are products of the American company Fortinet. Fortinet FortiOS is a security operating system specifically designed for the FortiGate network security platform. Fortinet FortiManager is a centralized network security management platform. Fortinet FortiProxy is a secure network...