17 matches found
EUVD-2025-17796
Malicious code in bioql PyPI...
CVE-2025-22254
An Improper Privilege Management vulnerability CWE-269 vulnerability in Fortinet FortiOS 7.6.0 through 7.6.1, FortiOS 7.4.0 through 7.4.6, FortiOS 7.2.0 through 7.2.10, FortiOS 7.0.0 through 7.0.16, FortiOS 6.4.0 through 6.4.15, FortiProxy 7.6.0 through 7.6.1, FortiProxy 7.4.0 through 7.4.7,...
CVE-2025-22254
An Improper Privilege Management vulnerability CWE-269 vulnerability in Fortinet FortiOS 7.6.0 through 7.6.1, FortiOS 7.4.0 through 7.4.6, FortiOS 7.2.0 through 7.2.10, FortiOS 7.0.0 through 7.0.16, FortiOS 6.4.0 through 6.4.15, FortiProxy 7.6.0 through 7.6.1, FortiProxy 7.4.0 through 7.4.7,...
CVE-2025-22254
An Improper Privilege Management vulnerability CWE-269 vulnerability in Fortinet FortiOS 7.6.0 through 7.6.1, FortiOS 7.4.0 through 7.4.6, FortiOS 7.2.0 through 7.2.10, FortiOS 7.0.0 through 7.0.16, FortiOS 6.4.0 through 6.4.15, FortiProxy 7.6.0 through 7.6.1, FortiProxy 7.4.0 through 7.4.7,...
CVE-2025-22254
An Improper Privilege Management vulnerability CWE-269 vulnerability in Fortinet FortiOS 7.6.0 through 7.6.1, FortiOS 7.4.0 through 7.4.6, FortiOS 7.2.0 through 7.2.10, FortiOS 7.0.0 through 7.0.16, FortiOS 6.4.0 through 6.4.15, FortiProxy 7.6.0 through 7.6.1, FortiProxy 7.4.0 through 7.4.7,...
CVE-2025-22254
CVE-2025-22254 affects Fortinet FortiOS (7.6.0–7.6.1, 7.4.0–7.4.6, 7.2.0–7.2.10, 7.0.0–7.0.16, 6.4.0–6.4.15), FortiProxy (7.6.0–7.6.1, 7.4.0–7.4.7) and FortiWeb (7.6.0–7.6.1, 7.4.0–7.4.6). Root cause: Improper Privilege Management (CWE-269) allowing an authenticated user with at least read-only a...
PT-2025-24714 · Fortinet +1 · Fortiproxy +3
Name of the Vulnerable Software and Affected Versions: Fortinet FortiOS versions 7.6.0 through 7.6.1 Fortinet FortiOS versions 7.4.0 through 7.4.6 Fortinet FortiOS versions 7.2.0 through 7.2.10 Fortinet FortiOS versions 7.0.0 through 7.0.16 Fortinet FortiOS version before 6.4.15 FortiProxy versio...
Fortinet FortiWeb Privilege escalation in GUI websocket module (FG-IR-25-006)
The version of FortiWeb installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-25-006 advisory. - An Improper Privilege Management vulnerability CWE-269 affecting Fortinet FortiOS version 7.6.0 through 7.6.1, 7.4.0 through...
CVE-2024-55591
An Authentication Bypass Using an Alternate Path or Channel vulnerability CWE-288 affecting FortiOS version 7.0.0 through 7.0.16 and FortiProxy version 7.0.0 through 7.0.19 and 7.2.0 through 7.2.12 allows a remote attacker to gain super-admin privileges via crafted requests to Node.js websocket...
CVE-2024-55591
An Authentication Bypass Using an Alternate Path or Channel vulnerability CWE-288 affecting FortiOS version 7.0.0 through 7.0.16 and FortiProxy version 7.0.0 through 7.0.19 and 7.2.0 through 7.2.12 allows a remote attacker to gain super-admin privileges via crafted requests to Node.js websocket...
CVE-2024-55591
An Authentication Bypass Using an Alternate Path or Channel vulnerability CWE-288 affecting FortiOS version 7.0.0 through 7.0.16 and FortiProxy version 7.0.0 through 7.0.19 and 7.2.0 through 7.2.12 allows a remote attacker to gain super-admin privileges via crafted requests to Node.js websocket...
Fortinet Fortigate Authentication bypass in Node.js websocket module and CSF requests (FG-IR-24-535)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the FG-IR-24-535 advisory. - An Authentication Bypass Using an Alternate Path or Channel vulnerability CWE-288 affecting FortiOS 7.0.0 through...
PT-2025-1051
Name of the Vulnerable Software and Affected Versions FortiOS versions 7.0.0 through 7.0.16 FortiProxy versions 7.0.0 through 7.0.19 and 7.2.0 through 7.2.12 Description An authentication bypass vulnerability in FortiOS and FortiProxy allows a remote attacker to gain super-admin privileges via...
Fortinet FortiOS和FortiProxy 安全漏洞
Fortinet FortiOS and Fortinet FortiProxy are both products of Fortinet, Inc.Fortinet FortiOS is a dedicated security operating system on the FortiGate network security platform. The system provides users with a variety of security features such as firewall, antivirus, IPSec/SSLVPN, Web content...
VulnCheck KEV: CVE-2024-55591
Fortinet FortiOS and FortiProxy contain an authentication bypass vulnerability that may allow an unauthenticated, remote attacker to gain super-admin privileges via crafted requests to Node.js websocket module...
Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability
Fortinet FortiOS and FortiProxy contain an authentication bypass vulnerability that may allow an unauthenticated, remote attacker to gain super-admin privileges via crafted requests to Node.js websocket module...
CVE-2024-55591
An Authentication Bypass Using an Alternate Path or Channel vulnerability CWE-288 affecting FortiOS version 7.0.0 through 7.0.16 and FortiProxy version 7.0.0 through 7.0.19 and 7.2.0 through 7.2.12 allows a remote attacker to gain super-admin privileges via crafted requests to Node.js websocket...