4 matches found
Fortinet Releases Advisory on New Post-Exploitation Technique for Known Vulnerabilities
Fortinet is aware of a threat actor creating a malicious file from previously exploited Fortinet vulnerabilities CVE-2024-21762, CVE-2023-27997, and CVE-2022-42475 within FortiGate products. This malicious file could enable read-only access to files on the device's file system, which may include...
Exploit for Out-of-bounds Write in Fortinet Fortiproxy
cve-2024-21762-poc CVE-2024-21762 is a critical vulnerability...
Fortinet Fortigate IPS Engine evasion using custom TCP flags (FG-IR-23-090)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-23-090 advisory. - A interpretation conflict in Fortinet IPS Engine versions 7.321, 7.166 and 6.158 allows attacker to evade IPS features via...
PT-2020-6796 · Fortinet · Forticlient +1
Name of the Vulnerable Software and Affected Versions: FortiOS versions 6.0.10 and below FortiOS versions 5.6.12 and below Description: The issue is related to a stack-based buffer overflow in the FortiClient NAC daemon fcnacd that can be exploited by a remote attacker authenticated to the SSL VP...