CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

UNSUPPORTED WHEN ASSIGNED A improper limitation of a pathname to a restricted directory 'path traversal' vulnerability CWE-22 in Fortinet FortiWAN version 5.2.0 through 5.2.1 and version 5.1.1. through 5.1.2 may allow an authenticated attacker to read and delete arbitrary file of the system via...

8.8CVSS6.8AI score0.00844EPSS

Exploits0

RedhatCVE•added 2025/05/22 10:57 p.m.•6 views

CVE-2022-33869

An improper neutralization of special elements used in an OS command vulnerability CWE-78 in the management interface of FortiWAN 4.0.0 through 4.5.9 may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to existing commands...

8.8CVSS7.2AI score0.01284EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 9:18 p.m.•4 views

CVE-2021-32585

An improper neutralization of input during web page generation vulnerability CWE-79 in FortiWAN before 4.5.9 may allow an attacker to perform a stored cross-site scripting attack via specifically crafted HTTP requests...

7.2CVSS6AI score0.00662EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 7:19 p.m.•5 views

CVE-2021-24009

Multiple improper neutralization of special elements used in an OS command vulnerabilities CWE-78 in the Web GUI of FortiWAN before 4.5.9 may allow an authenticated attacker to execute arbitrary commands on the underlying system's shell via specifically crafted HTTP requests...

9CVSS7.8AI score0.01375EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 6:33 p.m.•4 views

CVE-2021-32593

A use of a broken or risky cryptographic algorithm vulnerability CWE-327 in the Dynamic Tunnel Protocol of FortiWAN before 4.5.9 may allow an unauthenticated remote attacker to decrypt and forge protocol communication messages...

6.5CVSS7AI score0.00533EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by