Fortiadc@6.0.4 Security Vulnerabilities and Issues — Fortiadc@6.0.4 CVE List

Lucene search

FortinetFortiadc6.0.4

10 matches found

CVE•added 2022/08/05 8:15 p.m.•112 views

CVE-2022-22299

A format string vulnerability [CWE-134] in the command line interpreter of FortiADC version 6.0.0 through 6.0.4, FortiADC version 6.1.0 through 6.1.5, FortiADC version 6.2.0 through 6.2.1, FortiProxy version 1.0.0 through 1.0.7, FortiProxy version 1.1.0 through 1.1.6, FortiProxy version 1.2.0 throu...

7.8CVSS7.8AI score0.00133EPSS

CVE•added 2023/01/03 5:15 p.m.•71 views

CVE-2022-39947

A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiADC version 7.0.0 through 7.0.2, FortiADC version 6.2.0 through 6.2.3, FortiADC version version 6.1.0 through 6.1.6, FortiADC version 6.0.0 through 6.0.4, FortiADC version 5.4.0 through 5.4...

8.8CVSS8.9AI score0.01524EPSS

CVE•added 2023/10/10 5:15 p.m.•59 views

CVE-2023-25607

An improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78 ] in FortiManager 7.2.0 through 7.2.2, 7.0.0 through 7.0.7, 6.4.0 through 6.4.11, 6.2 all versions, 6.0 all versions, FortiAnalyzer 7.2.0 through 7.2.2, 7.0.0 through 7.0.7, 6.4.0 thr...

7.8CVSS7.9AI score0.00151EPSS

CVE•added 2022/11/02 12:15 p.m.•56 views

CVE-2022-38381

An improper handling of malformed request vulnerability [CWE-228] exists in FortiADC 5.0 all versions, 6.0.0 all versions, 6.1.0 all versions, 6.2.0 through 6.2.3, and 7.0.0 through 7.0.2. This may allow a remote attacker without privileges to bypass some Web Application Firewall (WAF) protection s...

9.8CVSS9.5AI score0.00019EPSS

CVE•added 2022/09/06 4:15 p.m.•53 views

CVE-2021-43076

An improper privilege management vulnerability [CWE-269] in FortiADC versions 6.2.1 and below, 6.1.5 and below, 6.0.4 and below, 5.4.5 and below and 5.3.7 and below may allow a remote authenticated attacker with restricted user profile to modify the system files using the shell access.

6.5CVSS6.2AI score0.0014EPSS

CVE•added 2023/06/13 9:15 a.m.•44 views

CVE-2023-26210

Multiple improper neutralization of special elements used in an os command ('OS Command Injection') vulnerabilties [CWE-78] in Fortinet FortiADCManager version 7.1.0 and before 7.0.0, FortiADC version 7.2.0 and before 7.1.2 allows a local authenticated attacker to execute arbitrary shell code as ro...

7.8CVSS7.8AI score0.00171EPSS

CVE•added 2023/06/13 9:15 a.m.•43 views

CVE-2023-28000

An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in FortiADC CLI 7.1.0, 7.0.0 through 7.0.3, 6.2.0 through 6.2.4, 6.1 all versions, 6.0 all versions may allow a local and authenticated attacker to execute unauthorized commands via specifically crafted argu...

7.8CVSS7.6AI score0.00077EPSS

CVE•added 2024/07/09 4:15 p.m.•38 views

CVE-2023-50178

An improper certificate validation vulnerability [CWE-295] in FortiADC 7.4.0, 7.2.0 through 7.2.3, 7.1 all versions, 7.0 all versions, 6.2 all versions, 6.1 all versions and 6.0 all versions may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the communication c...

7.4CVSS7.3AI score0.00114EPSS

CVE•added 2023/02/16 7:15 p.m.•34 views

CVE-2022-27482

A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiADC version 7.0.0 through 7.0.1, 6.2.0 through 6.2.2, 6.1.0 through 6.1.6, 6.0.x, 5.x.x allows attacker to execute arbitrary shell code as root via CLI commands.

7.8CVSS7.9AI score0.00236EPSS

CVE•added 2023/12/13 7:15 a.m.•27 views

CVE-2023-41673

An improper authorization vulnerability [CWE-285] in Fortinet FortiADC version 7.4.0 and before 7.2.2 may allow a low privileged user to read or backup the full system configuration via HTTP or HTTPS requests.

7.1CVSS5.3AI score0.0016EPSS