Lucene search
K
FortinetRecent

649 matches found

Fortinet
Fortinet
added 2021/12/07 12:0 a.m.44 views

FortiWeb - heap-based buffer overflow in API v1.0 controller

A heap-based buffer overflow CWE-122 vulnerability in FortiWeb may allow an authenticated attacker to execute arbitrary code or commands via crafted HTTP requests to the LogAccess and LogReport API controller...

6.5CVSS3.9AI score0.0122EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/12/07 12:0 a.m.30 views

FortiWLM - SQL Injection in script handlers

An improper neutralization of special elements used in an SQL Command 'SQL Injection' vulnerability CWE-89 in FortiWLM may allow an unauthenticated user to taint database data and extract sensitive informations via crafted HTTP requests to alarm and device handlers...

7.5CVSS2.4AI score0.0093EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/12/07 12:0 a.m.28 views

Protect

A relative path traversal CWE-23 vulnerabiltiy in FortiOS and FortiProxy may allow an unauthenticated, unauthorized attacker to inject path traversal character sequences to disclose sensitive information of the server via the GET request of the login page...

5CVSS7AI score0.0155EPSS
Exploits0Affected Software2
Fortinet
Fortinet
added 2021/12/07 12:0 a.m.38 views

FortiClient (Windows) - Web filter bypass

An improper authorization vulnerabiltiy CWE-285 in FortiClient Windows may allow an unauthenticated attacker to bypass the webfilter control via modifying the session-id paramater...

5CVSS5.7AI score0.00572EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/12/07 12:0 a.m.33 views

FortiWLM - reflected cross-site scripting vulnerability in cgi_bin handlers

An improper neutralization of input during web page generation 'Cross-site Scripting' vulnerability CWE-79 in FortiWLM may allow an authenticated user to perform an XSS attack via crafted HTTP GET requests...

3.5CVSS2.1AI score0.00515EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/12/07 12:0 a.m.40 views

Protect

An integer overflow or wraparound vulnerability CWE-190 in FortiOS SSLVPN memory allocator may allow an unauthenticated attacker to corrupt control data on the heap via specifically crafted requests to SSLVPN, resulting in potentially arbitrary code execution...

7.5CVSS9.5AI score0.01823EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/12/07 12:0 a.m.46 views

Protect

A heap-based buffer overflow CWE-122 in the firmware signature verification function of FortiOS may allow an attacker to execute arbitrary code via specially crafted installation images...

6.8CVSS9.1AI score0.0144EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/12/07 12:0 a.m.47 views

FortiWeb - Unauthorized user is granted access to the Reports available in the Log & Report section

An improper access control vulnerability CWE-284 in the Report Browse section of FortiWeb's Log & Report may allow an unauthorized and unauthenticated user to access the Log reports via their URLs...

5CVSS2.9AI score0.00941EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/12/07 12:0 a.m.51 views

FortiWeb - Open redirect due to missing domain whitelisting

A URL redirection to untrusted site 'Open Redirect' CWE-601 in FortiWeb may allow an authenticated attacker to use the device as proxy to reach any protected host via crafted HTTP requests...

4.9CVSS5.4AI score0.00506EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/12/07 12:0 a.m.39 views

FortiClientEMS - Sensitive information leak

A missing encryption of sensitive data vulnerability CWE-311 in FortiClientEMS may allow an authenticated attacker to view sensitive information in clear text via any browser development tools...

4CVSS5.1AI score0.00392EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/12/07 12:0 a.m.49 views

FortiWeb - Heap-based buffer overflows in API controller

Multiple heap-based buffer overflow vulnerabilities CWE-122 in web API controllers of FortiWeb may allow a remote authenticated attacker to execute arbitrary code or commands via specifically crafted HTTP requests...

6.5CVSS7.5AI score0.01894EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/12/07 12:0 a.m.38 views

Protect

A download of code without integrity check vulnerability CWE-494 in the "execute restore src-vis" command of FortiOS may allow a local authenticated attacker to download arbitrary files on the device via specially crafted update packages...

4.6CVSS7.5AI score0.00873EPSS
Exploits2Affected Software1
Fortinet
Fortinet
added 2021/12/07 12:0 a.m.31 views

Meru AP - Unrestricted execution of OS commands as root

An improper sanitization of commands elements OS Command Injection vulnerability CWE-78 in Meru AP may allow an authenticated attacker to execute unauthorized code or commands via specifically crafted commands in Meru AP's CLI...

7.2CVSS5.4AI score0.00264EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/12/07 12:0 a.m.28 views

FortiWeb - Stack-based buffer overflow due to type mismatch

A stack-based buffer overflow vulnerability CWE-121 in FortiWeb may allow an authenticated attacker to execute unauthorized code or commands via SAML login using a crafted certificate...

4.6CVSS4.8AI score0.00157EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/12/07 12:0 a.m.31 views

Protect

An insufficient verification of data authenticity vulnerability CWE-345 in the user interface of FortiProxy and FortiGate SSL VPN portal may allow a remote, unauthenticated attacker to conduct a cross-site request forgery CSRF attack . Only SSL VPN in web mode or full mode are impacted by this...

5.1CVSS8.4AI score0.00422EPSS
Exploits0Affected Software2
Fortinet
Fortinet
added 2021/12/07 12:0 a.m.51 views

FortiWeb - Multiple command injection vulnerabilities

Multiple command injection vulnerabilities CWE-78 in the command line interpreter of FortiWeb may allow an authenticated attacker to execute arbitrary commands on the underlying system shell via specially crafted command arguments...

9CVSS9.4AI score0.01077EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/12/07 12:0 a.m.45 views

FortiClient (Windows) - Denial of service due to folder access permission change

An improper control of a resource through its lifetime CWE-664 vulnerability in FortiClient Windows may allow a privileged attacker to make the whole application unresponsive via changing its root directory access permission...

4.9CVSS4.5AI score0.00349EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/12/07 12:0 a.m.52 views

FortiWeb - Incorrect handling of large requests leads to denial of service

An uncontrolled resource consumption vulnerability CWE-400 in FortiWeb may allow an unauthenticated attacker to cause a Denial of Service to the FortiWeb's HTTP daemon via sending a large amount of crafted HTTP requests...

5CVSS1.8AI score0.01119EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/12/07 12:0 a.m.24 views

Protect

An improper access control vulnerability CWE-284 in FortiOS and FortiProxy autod daemon may allow an authenticated low-privileged attacker to escalate their privileges to superadmin via a specific crafted configuration of fabric automation CLI script and auto-script features...

4.6CVSS7.2AI score0.00247EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/12/07 12:0 a.m.38 views

FortiWeb - OS command injection

Multiple improper neutralization of special elements used in a command vulnerabilities CWE-77 in FortiWeb management interface may allow an authenticated attacker to execute unauthorized code or commands via crafted parameters of HTTP requests...

6.5CVSS8.8AI score0.01073EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/11/29 12:0 a.m.38 views

FortiClientWindows & FortiClient EMS - Privilege escalation via DLL Hijacking

An unsafe search path vulnerability in FortiClient and FortiClient EMS may allow an attacker to perform a DLL Hijack attack on affected devices via a malicious OpenSSL engine library in the search path...

6.9CVSS7.2AI score0.00243EPSS
Exploits0Affected Software2
Fortinet
Fortinet
added 2021/11/02 12:0 a.m.45 views

FortiPortal - XML parser is vulnerable to XXE attacks

An improper restriction of XML external entity reference vulnerability CWE-611 in the parser of XML responses of FortiPortal may allow an attacker who controls the producer of XML reports consumed by FortiPortal to trigger a denial of service or read arbitrary files from the underlying file...

6.4CVSS7.7AI score0.008EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/11/02 12:0 a.m.40 views

FortiWLM - Command injection in script handlers

An improper neutralization of special elements used in an OS command vulnerability 'OS Command Injection' CWE-78 in FortiWLM may allow an authenticated attacker to execute unauthorized code or commands via crafted HTTP requests to various controllers...

6.5CVSS8.7AI score0.01895EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/11/02 12:0 a.m.49 views

FortiSIEM - privilege escalation by script executionution in Windows Agent

An improper privilege management vulnerability CWE-269 in the FortiSIEM Windows Agent may allow an authenticated user to execute unauthorized code or commands as a privileged user via script execution...

4.6CVSS7.4AI score0.00208EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/11/02 12:0 a.m.39 views

FortiSIEM - plaintext storage of sensitive data in Windows Agent

A plaintext storage of a password vulnerability CWE-256 in the FortiSIEM Windows Agent may allow an authenticated user to impersonate the agent registered to the Supervisor via reading specific log files...

2.1CVSS5.7AI score0.00212EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/11/02 12:0 a.m.40 views

FortiAnalyzer - XSS vulnerability

An improper neutralization of input during web page generation CWE-79 in FortiAnalyzer may allow an attacker to perform a stored Cross Site Scripting XSS attack via specifically crafted requests to the web GUI...

3.5CVSS5.2AI score0.00451EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/11/02 12:0 a.m.34 views

FortiPortal - XSS vulnerability

An improper neutralization of input during web page generation vulnerability CWE-79 in FortiPortal GUI may allow a remote and unauthenticated attacker to perform an XSS attack via sending a crafted request with an invalid lang parameter or with an invalid...

4.3CVSS6AI score0.00632EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/11/02 12:0 a.m.49 views

FortiWeb - Uncontrolled resource consumption

An uncontrolled resource consumption vulnerability CWE-400 in FortiWeb may allow an unauthenticated attacker to cause a denial of service via crafted HTTP requests to proxy services...

5CVSS7.1AI score0.0138EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/11/02 12:0 a.m.51 views

FortiClient (MacOS) - Dylib injection Vulnerability observed in FortiClientMacOS

An improper control of generation of code vulnerability CWE-94 in FortiClient for MacOS may allow an authenticated attacker to hijack the MacOS camera via replacing the FortiClient camera handling library with a malicious one...

3.5CVSS5.6AI score0.00413EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/11/02 12:0 a.m.35 views

FortiPortal - Reflected cross-site scripting due to wrong sanitization context

Multiple improper neutralization of input during web page generation vulnerabilities CWE-79 in both the customer and provider interfaces of FortiPortal may allow an attacker to perform reflected Cross-site scripting attacks via specially crafted HTTP request parameters...

4.3CVSS6.3AI score0.00562EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/11/02 12:0 a.m.40 views

Multiple Products - Retrieval of sensitive information in cleartext via GUI

A cleartext storage of sensitive information in the GUI of FortiADC, FortiSIEM, FortiDDoS, FortiDDoS-CM and FortiDDoS-F may allow a remote authenticated attacker to retrieve some sensitive information such as users LDAP passwords, RADIUS shared secret and the Elastic Cloud database password by...

4CVSS5AI score0.00526EPSS
Exploits0Affected Software4
Fortinet
Fortinet
added 2021/11/02 12:0 a.m.34 views

FortiPortal - Uncontrolled memory allocation

A memory allocation with excessive size value vulnerability CWE-789 in the license verification function of FortiPortal may allow an attacker to perform a denial of service attack via specially crafted license blobs...

5CVSS7.1AI score0.00756EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/11/02 12:0 a.m.32 views

FortiManager - ADOMs script information leaked in FortiGate CLI

An exposure of sensitive information to an unauthorized actor CWE-200 vulnerability in FortiManager may allow a FortiGate user to see scripts from other ADOMS...

2.1CVSS4.5AI score0.00218EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/11/02 12:0 a.m.36 views

FortiWLM - SQL Injection in script handlers

An improper neutralization of special elements CWE-79 used in an SQL command vulnerability 'SQL Injection' CWE-89 in FortiWLM may allow an authenticated attacker to disclose sensitive information via crafted HTTP requests to various controllers...

4CVSS6.7AI score0.00967EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/11/02 12:0 a.m.59 views

Protect

An improper validation of certificate with host mismatch CWE-297 vulnerability in FortiOS may allow the connection to a malicious LDAP server via options in GUI, leading to disclosure of sensitive information, such as AD credentials...

4.3CVSS6.1AI score0.00551EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/11/02 12:0 a.m.35 views

FortiClient (Windows) - Privilege escalation vulnerability

An improper authorization vulnerability CWE-285 in FortiClient for Windows may allow a local unprivileged attacker to escalate their privileges to SYSTEM via the named pipe responsible for Forticlient updates...

7.2CVSS7.2AI score0.00347EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/11/02 12:0 a.m.40 views

FortiPortal - Denial of service vulnerabilities

Multiple uncontrolled resource consumption vulnerabilities CWE-400 in the web interface of FortiPortal may allow a single low-privileged user to induce a denial of service via multiple HTTP requests...

4CVSS6.4AI score0.00805EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/11/02 12:0 a.m.67 views

FortiPortal - Improper thread synchronization for database operations

A concurrent execution using shared resource with improper Synchronization vulnerability 'Race Condition' CWE-362 in the customer database interface of FortiPortal may allow an authenticated, low-privilege user to bring the underlying database data into an inconsistent state via specific...

3.5CVSS5AI score0.00436EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/11/02 12:0 a.m.49 views

FortiWeb - Stack-Based Buffer Overflow vulnerability

A stack-based buffer overflow CWE-121 vulnerability in FortiWeb may allow an unauthenticated attacker to overwrite the content of the stack and potentially execute arbitrary code by sending crafted HTTP requests with large request parameter values...

7.5CVSS9.8AI score0.01561EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/11/02 12:0 a.m.50 views

FortiClientEMS - Authenticated Injection vulnerabilities

An improper neutralization of input vulnerability CWE-79 in FortiClientEMS may allow a remote authenticated attacker to inject malicious script/tags via the name parameter of various sections of the server...

3.5CVSS5.5AI score0.00711EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/11/02 12:0 a.m.87 views

FortiManager - Improper Inter ADOM access control

An improper access control vulnerability CWE-284 in FortiManager may allow an authenticated attacker with a restricted user profile to modify the VPN tunnel status of other VDOMs using VPN Manager...

4CVSS4.9AI score0.00496EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/10/05 12:0 a.m.30 views

FortiSDNConnector - Credential leak

An insufficiently protected credentials vulnerability CWE-522 in FortiSDNConnector may allow an authenticated user to obtain third party device credentials via visiting the configuration page in the WebUI...

4CVSS6.2AI score0.00593EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/10/05 12:0 a.m.41 views

FortiAnalyzer - XSS vulnerability observed in the Column settings of LogView

An improper neutralization of input vulnerability CWE-79 in FortiAnalyzer may allow a remote authenticated attacker to perform a stored cross site scripting attack XSS via the column settings of Logview in FortiAnalyzer, should the attacker be able to obtain that POST request, via other,...

3.5CVSS5.1AI score0.00641EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/10/05 12:0 a.m.37 views

FortiAnalyzer & FortiManager - Forticloud credentials observed in cleartext in the logfile

An information disclosure vulnerability CWE-200 in FortiAnalyzer and FortiManager VM may allow an authenticated attacker to read the FortiCloud credentials which were used to activate the trial license in cleartext...

2.1CVSS4.2AI score0.00217EPSS
Exploits0Affected Software2
Fortinet
Fortinet
added 2021/10/05 12:0 a.m.35 views

FortiWebManager - Injection vulnerabilities

An improper neutralization of input vulnerability CWE-79 in FortiWebManager may allow a remote authenticated attacker to inject malicious script/tags via the name/description/comments parameter of various sections of the device...

3.5CVSS5.3AI score0.0058EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/10/05 12:0 a.m.33 views

FortiClientEMS - Directory Traversal vulnerability

A path traversal vulnerability CWE-22 in FortiClientEMS may allow an authenticated attacker to inject directory traversal character sequences to add/delete the files of the server via the name parameter of Deployment Packages...

5.5CVSS5.6AI score0.01109EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/10/05 12:0 a.m.63 views

FortiSandbox - Buffer overflow due to use of size of source buffer in libc safe functions

A stack-based buffer overflow vulnerability CWE-121Â in the profile parser of FortiSandbox may allow an authenticated attacker to potentially execute unauthorized code or commands via specifically crafted HTTP requests...

7.3AI score0.0047EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/10/05 12:0 a.m.33 views

FortiClientEMS - Session cookie does not expire after logout

An insufficient session expiration vulnerability CWE- 613 in FortiClientEMS may allow an attacker to reuse the unexpired admin user session IDs to gain admin privileges, should the attacker be able to obtain that session ID via other, hypothetical attacks...

7.5CVSS8.9AI score0.03841EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/09/07 12:0 a.m.47 views

Insufficient validation logic in Fortisandbox sniffer's max file size

An improper input validation vulnerability in the sniffer interface of FortiSandbox may allow an authenticated attacker to silently halt the sniffer via specifically crafted requests...

5.5CVSS5.6AI score0.0061EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/09/07 12:0 a.m.34 views

FortiManager - Excel formula injection in P&O IPv4 Policy names Vulnerability

An improper neutralization of formula elements vulnerability CWE 1236 in FortiManager may allow a local authenticated privileged attacker to execute arbitrary shell code on the end-user's host via inserting CSV formula in the policy names. This is achieved once the user downloads and opens the...

9.3CVSS6.5AI score0.00488EPSS
Exploits0Affected Software1
Total number of security vulnerabilities649