1834 matches found
Fortinet FortiClient Arbitrary file creation from unprivileged users due to process impersonation (FG-IR-22-336)
The version of FortiClient installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-22-336 advisory. - A incorrect authorization in Fortinet FortiClient Windows 7.0.0 - 7.0.7, 6.4.0 - 6.4.9, 6.2.0 - 6.2.9 and 6.0.0 - 6.0.10...
CVE-2023-22641
A url redirection to untrusted site 'open redirect' in Fortinet FortiOS version 7.2.0 through 7.2.3, FortiOS version 7.0.0 through 7.0.9, FortiOS versions 6.4.0 through 6.4.12, FortiOS all versions 6.2, FortiOS all versions 6.0, FortiProxy version 7.2.0 through 7.2.2, FortiProxy version 7.0.0...
CVE-2023-22641
A url redirection to untrusted site 'open redirect' in Fortinet FortiOS version 7.2.0 through 7.2.3, FortiOS version 7.0.0 through 7.0.9, FortiOS versions 6.4.0 through 6.4.12, FortiOS all versions 6.2, FortiOS all versions 6.0, FortiProxy version 7.2.0 through 7.2.2, FortiProxy version 7.0.0...
CVE-2022-40682
A incorrect authorization in Fortinet FortiClient Windows 7.0.0 - 7.0.7, 6.4.0 - 6.4.9, 6.2.0 - 6.2.9 and 6.0.0 - 6.0.10 allows an attacker to execute unauthorized code or commands via sending a crafted request to a specific named pipe...
CVE-2022-43948
A improper neutralization of special elements used in an os command 'os command injection' in Fortinet FortiWeb version 7.0.0 through 7.0.3, FortiADC version 7.1.0 through 7.1.1, FortiADC version 7.0.0 through 7.0.3, FortiADC 6.2 all versions, FortiADC 6.1 all versions, FortiADC 6.0 all versions,...
CVE-2022-42470
A relative path traversal vulnerability in Fortinet FortiClient Windows 7.0.0 - 7.0.7, 6.4.0 - 6.4.9, 6.2.0 - 6.2.9 and 6.0.0 - 6.0.10 allows an attacker to execute unauthorized code or commands via sending a crafted request to a specific named pipe...
Command injection
A improper neutralization of special elements used in an os command 'os command injection' in Fortinet FortiWeb version 7.0.0 through 7.0.3, FortiADC version 7.1.0 through 7.1.1, FortiADC version 7.0.0 through 7.0.3, FortiADC 6.2 all versions, FortiADC 6.1 all versions, FortiADC 6.0 all versions,...
Path traversal
A relative path traversal vulnerability in Fortinet FortiClient Windows 7.0.0 - 7.0.7, 6.4.0 - 6.4.9, 6.2.0 - 6.2.9 and 6.0.0 - 6.0.10 allows an attacker to execute unauthorized code or commands via sending a crafted request to a specific named pipe...
CVE-2023-22641
A url redirection to untrusted site 'open redirect' in Fortinet FortiOS version 7.2.0 through 7.2.3, FortiOS version 7.0.0 through 7.0.9, FortiOS versions 6.4.0 through 6.4.12, FortiOS all versions 6.2, FortiOS all versions 6.0, FortiProxy version 7.2.0 through 7.2.2, FortiProxy version 7.0.0...
CVE-2023-22641
A url redirection to untrusted site 'open redirect' in Fortinet FortiOS version 7.2.0 through 7.2.3, FortiOS version 7.0.0 through 7.0.9, FortiOS versions 6.4.0 through 6.4.12, FortiOS all versions 6.2, FortiOS all versions 6.0, FortiProxy version 7.2.0 through 7.2.2, FortiProxy version 7.0.0...
CVE-2022-43948
A improper neutralization of special elements used in an os command 'os command injection' in Fortinet FortiWeb version 7.0.0 through 7.0.3, FortiADC version 7.1.0 through 7.1.1, FortiADC version 7.0.0 through 7.0.3, FortiADC 6.2 all versions, FortiADC 6.1 all versions, FortiADC 6.0 all versions,...
CVE-2022-43948
A improper neutralization of special elements used in an os command 'os command injection' in Fortinet FortiWeb version 7.0.0 through 7.0.3, FortiADC version 7.1.0 through 7.1.1, FortiADC version 7.0.0 through 7.0.3, FortiADC 6.2 all versions, FortiADC 6.1 all versions, FortiADC 6.0 all versions,...
CVE-2022-42470
A relative path traversal vulnerability in Fortinet FortiClient Windows 7.0.0 - 7.0.7, 6.4.0 - 6.4.9, 6.2.0 - 6.2.9 and 6.0.0 - 6.0.10 allows an attacker to execute unauthorized code or commands via sending a crafted request to a specific named pipe...
CVE-2022-42470
A relative path traversal vulnerability in Fortinet FortiClient Windows 7.0.0 - 7.0.7, 6.4.0 - 6.4.9, 6.2.0 - 6.2.9 and 6.0.0 - 6.0.10 allows an attacker to execute unauthorized code or commands via sending a crafted request to a specific named pipe...
CVE-2022-42470
CVE-2022-42470 describes a local path-traversal vulnerability in Fortinet FortiClient for Windows. Exploitation path: a crafted request to a specific named pipe can allow an attacker with low privileges and no user interaction to execute arbitrary code or commands on the affected host. Affected s...
CVE-2022-40682
A incorrect authorization in Fortinet FortiClient Windows 7.0.0 - 7.0.7, 6.4.0 - 6.4.9, 6.2.0 - 6.2.9 and 6.0.0 - 6.0.10 allows an attacker to execute unauthorized code or commands via sending a crafted request to a specific named pipe...
CVE-2022-40682
A incorrect authorization in Fortinet FortiClient Windows 7.0.0 - 7.0.7, 6.4.0 - 6.4.9, 6.2.0 - 6.2.9 and 6.0.0 - 6.0.10 allows an attacker to execute unauthorized code or commands via sending a crafted request to a specific named pipe...
PT-2023-9671 · Fortinet · Forticlient
Name of the Vulnerable Software and Affected Versions: Fortinet FortiClient versions 6.0.0 through 6.0.10 Fortinet FortiClient versions 6.2.0 through 6.2.9 Fortinet FortiClient versions 6.4.0 through 6.4.9 Fortinet FortiClient versions 7.0.0 through 7.0.7 Description: The issue is related to a...
PT-2023-5164 · Fortinet · Forticlient
Name of the Vulnerable Software and Affected Versions: Fortinet FortiClient versions 6.0.0 through 6.0.10 Fortinet FortiClient versions 6.2.0 through 6.2.9 Fortinet FortiClient versions 6.4.0 through 6.4.9 Fortinet FortiClient versions 7.0.0 through 7.0.7 Description: The issue is related to...
Fortinet FortiClient 安全漏洞
Fortinet FortiClientWindows is a Windows-based mobile endpoint security solution from Fortinet. The solution provides IPsec and SSL encryption, WAN optimization, endpoint compliance and two-factor authentication when connected to a FortiGate firewall appliance. An elevation of privilege...