Lucene search
K
FortinetMost viewed

649 matches found

Fortinet
Fortinet
added 2017/10/13 12:0 a.m.30 views

FortiWLC XSS injection via crafted HTTP POST request

The FortiWLC admin webUI is affected by XSS vulnerabilities, potentially exploitable by an authenticated user, via non-sanitized parameters "refresh" and "branchtotable" present in HTTP POST requests. A successful attack would involve getting a targeted victim with an open session on the WebUI t...

3.5CVSS5.2AI score0.00538EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2017/02/08 12:0 a.m.30 views

FortiManager TLS certificate validation failure

FortiManager does not properly validate TLS certificates when probing for devices to administer. This leads to potential pre-shared secret exposure...

5.8CVSS2.2AI score0.00899EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2016/11/09 12:0 a.m.31 views

FortiWLC Undocumented Hardcoded core Account

FortiWLC comes with a hardcoded account named 'core' which is used by Meru Access Points to send core dumps to the FortiWLC and has read/write privileges over various parts of the system...

9.4CVSS2.3AI score0.01516EPSS
Exploits0
Fortinet
Fortinet
added 2023/02/16 12:0 a.m.29 views

FortiExtender - multiple command injection vulnerabilities in webserver

An improper neutralization of special elements used in an OS command vulnerability CWE-78 in the webserver of FortiExtender may allow a privileged attacker to execute arbitrary OS commands via specially crafted input parameters...

5.8CVSS7.3AI score0.01474EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2023/02/16 12:0 a.m.29 views

FortiNAC - Multiple reflected cross-site scripting vulnerabilities in portal UI

Multiple improper neutralization of input during web page generation 'Cross-site Scripting' vulnerabilities CWE-79 in FortiNAC portal UI may allow an attacker to perform an XSS attack via crafted HTTP requests...

5.8CVSS6.1AI score0.00581EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/12/07 12:0 a.m.29 views

FortiWLM - SQL Injection in script handlers

An improper neutralization of special elements used in an SQL Command 'SQL Injection' vulnerability CWE-89 in FortiWLM may allow an unauthenticated user to taint database data and extract sensitive informations via crafted HTTP requests to alarm and device handlers...

7.5CVSS2.4AI score0.0093EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/10/05 12:0 a.m.29 views

FortiSDNConnector - Credential leak

An insufficiently protected credentials vulnerability CWE-522 in FortiSDNConnector may allow an authenticated user to obtain third party device credentials via visiting the configuration page in the WebUI...

4CVSS6.2AI score0.00593EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2020/10/19 12:0 a.m.29 views

Protect

FortiOS versions 6.2.4 and below...

4CVSS6.4AI score0.00569EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2020/04/06 12:0 a.m.29 views

XSS vulnerability in the Dashboard name parameter of FortiADC

An improper neutralization of input vulnerability in the dashboard of FortiADC may allow an authenticated attacker to perform a cross site scripting attack XSS via the name parameter...

3.5CVSS3.2AI score0.00625EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2020/03/09 12:0 a.m.29 views

XSS Vulnerability in Disclaimer Description of a Replacement Message in FortiWeb

An improper neutralization of input vulnerability in FortiWeb may allow a remote authenticated attacker to perform a stored cross site scripting attack XSS via the Disclaimer Description of a Replacement Message...

3.5CVSS3.3AI score0.00803EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2017/08/11 12:0 a.m.29 views

FortiWeb SNMPv3 user password viewable in HTML source code

The HTML source code of the FortiWeb SNMPv3 user edit webui page includes the user's password in cleartext...

4CVSS0.4AI score0.01062EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2017/04/26 12:0 a.m.29 views

FortiAnalyzer, FortiManager Open Redirect Vulnerability

The FortiAnalyzer and FortiManager WebUI accept a user-controlled input that specifies a link to an external site, and uses that link in a redirect...

5.8CVSS2.2AI score0.00943EPSS
Exploits0Affected Software2
Fortinet
Fortinet
added 2016/08/09 12:0 a.m.29 views

FortiManager and FortiAnalyzer Client Side XSS vulnerability

A client side XSS vulnerablity in FortiManager/FortiAnalyzer could allow malicious script being injected in the Web-UI; this potentially enables XSS attacks...

4.3CVSS2.7AI score0.01009EPSS
Exploits2
Fortinet
Fortinet
added 2023/02/16 12:0 a.m.28 views

FortiWeb - Weak generation of WAF session IDs leads to session fixation

A condition for session fixation vulnerability CWE-384 in the session management of FortiWeb may allow a remote, unauthenticated attacker to infer the session identifier of other users and possibly usurp their session...

4.4AI score0.01465EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/01/21 12:0 a.m.28 views

Session ID does not expire after logout in FortiIsolator

An insufficient session expiration vulnerability in FortiIsolator may allow an attacker to reuse the unexpired admin user session IDs to gain admin privileges, should the attacker be able to obtain that session ID via other, hypothetical attacks...

7.5CVSS8.9AI score0.01523EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2020/03/09 12:0 a.m.28 views

XSS vulnerability in the URL Description of URL filter

An improper neutralization of input vulnerability in the URL Description of FortiIsolator may allow a remote authenticated attacker to perform a stored cross site scripting attack XSS via a parameter of the request...

3.5CVSS3.2AI score0.0084EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2020/01/27 12:0 a.m.28 views

FortiSIEM - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

An Improper Neutralization of Input vulnerability in the description and title parameters of a Device Maintenance Schedule in FortiSIEM may allow a remote authenticated attacker to perform a Stored Cross Site Scripting attack XSS by injecting malicious JavaScript code into the description field o...

3.5CVSS2.5AI score0.00622EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2018/05/04 12:0 a.m.28 views

Use of hardcoded credentials for communication between Meru access points and FortiWLC

FortiWLC included two hardcoded accounts which were used by Meru Access Points to report core dumps; these accounts had read/write privileges over various parts of the system. Starting with FortiWLC 7.0.13 and FortiWLC 8.4.0, the accounts are now completely removed and do not persist over firmwar...

10CVSS3.8AI score0.02105EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2018/03/06 12:0 a.m.28 views

FortiWeb's cookie tampering protection can be bypassed by erasing the FortiWeb session cookie

An improper access control vulnerability in FortiWeb's Signed Security mode may allow an attacker to disable the cookie tampering protection offered by FortiWeb to sites FortiWeb protects, via deleting FortiWeb's session cookie...

4.3CVSS3.4AI score0.01007EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2017/04/19 12:0 a.m.28 views

FortiOS XSS via srcintf during Firewall Policy Creation

An XSS vulnerability caused by the scrintf parameter input during Firewall Policy Creation can be exploited to load and run a remote malicious Javascript in a logged in browser...

4.3CVSS3AI score0.00961EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2017/04/19 12:0 a.m.28 views

XSS Vulnerability in FortiWeb Site Publisher

The Site Publisher functionality of FortiWeb has been found vulnerable to a Cross-Site Scripting vulnerability via an improperly sanitized parameter in a POST request...

4.3CVSS1.8AI score0.00713EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2017/04/05 12:0 a.m.28 views

FortiClient SSLVPN Linux - Arbitrary write to log file

The first launch of FortiClient SSLVPN Linux creates a log file without any prior check. By previously creating a symbolic or hard link with the name of the log file to any file in the filesystem, an attacker may smash the latter existing file. This is due to the fact that the first launch of...

1.5AI score
Exploits0
Fortinet
Fortinet
added 2016/11/22 12:0 a.m.28 views

DUHK Attack against Fortinet Products

When devices use ANSI X9.31 RNG which was removed from the list of FIPS-approved random number generation algorithms in January 2016 to generate cryptographic key under a static seed and under use with long-lived security tunnels like SSL/TLS/SSH/IPSec, such devices are vulnerable to the DUHK...

4.3CVSS2.2AI score0.01423EPSS
Exploits0
Fortinet
Fortinet
added 2016/07/11 12:0 a.m.28 views

FortiSwitch rest_admin account exposed under specific conditions

During an upgrade to version 3.4.1, a FortiSwitch device may let an attacker log in the restadmin account without a password, if all the conditions below are met: The FortiSwitch device is in FortiLink managed mode not the default mode The FortiSwitch device does not have a management FortiGate, ...

10CVSS3.7AI score0.04561EPSS
Exploits0
Fortinet
Fortinet
added 2016/05/26 12:0 a.m.28 views

Fortiweb path traversal vulnerability

A path traversal vulnerability allows an administrator account with read and write privileges to read arbitrary files using the autolearn feature...

4CVSS5AI score0.01648EPSS
Exploits0
Fortinet
Fortinet
added 2022/10/10 12:0 a.m.27 views

FortiTester - Missing account lockout on telnet port

An improper restriction of excessive authentication attempts vulnerability CWE-307 in FortiTester Telnet port may allow an unauthenticated attacker to guess the credentials of an admin user via a brute force attack...

7.5CVSS9AI score0.0074EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2022/09/06 12:0 a.m.27 views

FortiSOAR - OS Command Injection in Agent Password Field

An improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerability CWE-78 in FortiSOAR may allow an authenticated attacker to execute unauthorized code or commands via crafted HTTP GET requests...

5.8CVSS7.3AI score0.01547EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2022/03/01 12:0 a.m.27 views

FortiMail - Unsafe handling of CGI environment parameters in web server framework

An improper input validation CWE-20 vulnerability in the web server CGI facilities of FortiMail may allow an unauthenticated attacker to alter the environment of the underlying script interpreter via specifically crafted HTTP requests...

7.5CVSS8.9AI score0.01038EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/12/07 12:0 a.m.27 views

FortiWeb - Stack-based buffer overflow due to type mismatch

A stack-based buffer overflow vulnerability CWE-121 in FortiWeb may allow an authenticated attacker to execute unauthorized code or commands via SAML login using a crafted certificate...

4.6CVSS4.8AI score0.00157EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/12/07 12:0 a.m.27 views

Protect

A relative path traversal CWE-23 vulnerabiltiy in FortiOS and FortiProxy may allow an unauthenticated, unauthorized attacker to inject path traversal character sequences to disclose sensitive information of the server via the GET request of the login page...

5CVSS7AI score0.0155EPSS
Exploits0Affected Software2
Fortinet
Fortinet
added 2021/12/07 12:0 a.m.27 views

FortiWeb - OS command injection

Multiple improper neutralization of special elements used in a command vulnerabilities CWE-77 in FortiWeb management interface may allow an authenticated attacker to execute unauthorized code or commands via crafted parameters of HTTP requests...

6.5CVSS8.8AI score0.01073EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/07/07 12:0 a.m.27 views

FortiClientMac - Privilege escalation by abusing a Symlink following vulnerability

A UNIX symbolic link Symlink Following CWE-61 vulnerability in FortiClient for MacOS may allow a local and unprivileged user to overwrite privileged shell scripts executed during the installation phase via escalating their privileges to root...

7.2CVSS7.1AI score0.00426EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/06/01 12:0 a.m.27 views

FortiWLC - XSS vulnerability

An improper neutralization of input during web page generation in FortiWLC web interface may allow both authenticated remote attackers and non-authenticated attackers in the same network as the appliance to perform a stored cross site scripting attack XSS via injecting malicious payloads in...

5.1AI score0.00312EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2018/05/29 12:0 a.m.27 views

Potential XSS in "CSRF validation failure" page due to lack of referer sanitization

On FortiAuthenticator, a HTML page is returned to the user when the CSRF validation fails on referer mismatch. This page displays the faulty referer without sanitizing it. Therefore, in an attack scenario where the referer could be manipulated, the attacker could inject malicious scripts in the...

4.3CVSS1.4AI score0.00754EPSS
Exploits0
Fortinet
Fortinet
added 2014/10/30 12:0 a.m.27 views

Multiple XSS vulnerabilities in FortiManager and FortiAnalyzer Web UI

...

4.3CVSS6.4AI score0.01161EPSS
Exploits0
Fortinet
Fortinet
added 2021/12/07 12:0 a.m.26 views

FortiWLC - Improper authenticated access control

An improper access control vulnerability CWE-284 in FortiWLC may allow an authenticated and remote attacker with low privileges to execute any command as an admin user with full access rights via bypassing the GUI restrictions...

9CVSS5.7AI score0.01954EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/07/07 12:0 a.m.26 views

FortiMail - Insecure PRNG in password and token generation scheme of IBE authentication

A use of a cryptographically weak pseudo-random number generator vulnerability in the authenticator of FortiMail Identity Based Encryption service may allow an unauthenticated attacker to infer parts of users authentication tokens and reset their credentials...

3.9AI score0.00294EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/07/07 12:0 a.m.26 views

FortiWAN - OS command injection leads to privilege escalation

An OS command injection CWE-78 vulnerability in FortiWAN Command Line Interface may allow a local, authenticated and unprivileged attacker to escalate their privileges to root via executing a specially-crafted command...

6AI score0.00788EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2020/06/03 12:0 a.m.26 views

XSS vulnerability in the Description Area of the Admin Profile

An improper neutralization of input vulnerability in the Admin Profile of FortiAnalyzer may allow a remote authenticated attacker to perform a stored cross site scripting attack XSS via the Description Area...

3.5CVSS3.6AI score0.00857EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2020/01/27 12:0 a.m.26 views

Protect

Makers of popular WiFi hacking tool hashcat have discovered a way to improve password brute-forcing of the WPA/WPA2 wifi network security standards. By leveraging the PMKID served by access points in WPA/WPA2 enabled WiFi networks, attackers gain knowledge of a pre-shared key hash, which can be...

7.1AI score
Exploits0Affected Software5
Fortinet
Fortinet
added 2016/10/05 12:0 a.m.26 views

FortiAnalyzer and FortiManager stored XSS vulnerability in report filters

A cross-site-scripting vulnerablity in FortiAnalyzer/FortiManager in advanced settings page could allow an administrator to inject scripts in the add filter field...

3.5CVSS3.4AI score0.00696EPSS
Exploits0
Fortinet
Fortinet
added 2016/09/30 12:0 a.m.26 views

FortiWLC Undocumented Hardcoded Rsync Account

FortiWLC runs a rsyncd server, historically used for High-Availability purpose. This server comes with a hardcoded account, which has read/write privileges over various parts of the system...

10CVSS3.2AI score0.02698EPSS
Exploits0
Fortinet
Fortinet
added 2012/12/03 12:0 a.m.26 views

Potential Cross Site Scripting Vulnerability in FortiDB

...

4.3CVSS2AI score0.01102EPSS
Exploits1
Fortinet
Fortinet
added 2021/12/07 12:0 a.m.25 views

FortiWLM - stored cross-site scripting in hotspot profile controller

An improper neutralization of input during web page generation vulnerability 'Cross-site Scripting' CWE-79 in FortiWLM may allow an authenticated attacker to perform a stored cross site scripting attack XSS via storing malicious payloads and trigger the attack on victim's client via various...

3.5CVSS2AI score0.00515EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/12/07 12:0 a.m.25 views

FortiSandbox, FortiWeb, FortiADC, FortiMail - Multiple cryptographic flaws allow for full LDAP and RADIUS passwords compromise

A missing cryptographic steps vulnerability CWE-325 in the function that encrypts users' LDAP and RADIUS credentials in FortiSandbox, FortiWeb, FortiADC, and FortiMail may allow an attacker in possession of the password store to compromise the confidentiality of the encrypted secrets.Â...

2.6CVSS5.6AI score0.00902EPSS
Exploits0Affected Software4
Fortinet
Fortinet
added 2021/07/07 12:0 a.m.25 views

FortiMail - Improper use of cryptographic primitives in IBE KeyStore

Missing cryptographic steps in FortiMail IBE may allow an attacker who comes in possession of the encrypted master keys to compromise their confidentiality by observing a few invariant properties of the ciphertext...

4CVSS5.4AI score0.00545EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2015/04/16 12:0 a.m.25 views

Multiple Vulnerabilities in FortiManager

...

9CVSS8.4AI score0.05601EPSS
Exploits0
Fortinet
Fortinet
added 2015/02/05 12:0 a.m.25 views

FortiOS CAPWAP server two vulnerabilities

...

3.5CVSS6.5AI score0.00978EPSS
Exploits1
Fortinet
Fortinet
added 2022/12/06 12:0 a.m.24 views

FortiSOAR - HTML Injection Vulnerabilities

Improper neutralization of input during web page generation CWE-79 in FortiSOAR may allow an authenticated attacker to inject HTML tags via input fields of various components within FortiSOAR...

4.9CVSS5.4AI score0.00431EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/06/03 12:0 a.m.24 views

FortiWLC - Improper access control

An improper access control CWE-284 vulnerability in FortiWLC may allow an unauthenticated and remote attacker to access certain areas of the web management CGI functionality by just specifying the correct URL. The vulnerability applies only to limited CGI resources and might allow the...

6.7AI score0.00611EPSS
Exploits0Affected Software1
Total number of security vulnerabilities649