Fortiadc@7.2.0 Security Vulnerabilities and Issues — Fortiadc@7.2.0 CVE List

Lucene search

FortinetFortiadc7.2.0

5 matches found

CVE•added 2023/06/13 9:15 a.m.•42 views

CVE-2023-26210

Multiple improper neutralization of special elements used in an os command ('OS Command Injection') vulnerabilties [CWE-78] in Fortinet FortiADCManager version 7.1.0 and before 7.0.0, FortiADC version 7.2.0 and before 7.1.2 allows a local authenticated attacker to execute arbitrary shell code as ro...

7.8CVSS7.8AI score0.00171EPSS

CVE•added 2023/05/03 10:15 p.m.•40 views

CVE-2023-27999

An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in FortiADC 7.2.0, 7.1.0 through 7.1.1 may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to existing commands.

7.8CVSS7.7AI score0.0017EPSS

CVE•added 2023/05/03 10:15 p.m.•37 views

CVE-2023-27993

A relative path traversal [CWE-23] in Fortinet FortiADC version 7.2.0 and before 7.1.1 allows a privileged attacker to delete arbitrary directories from the underlying file system via crafted CLI commands.

7.1CVSS6.7AI score0.00063EPSS

CVE•added 2023/11/14 7:15 p.m.•37 views

CVE-2023-29177

Multiple buffer copy without checking size of input ('classic buffer overflow') vulnerabilities [CWE-120] in FortiADC version 7.2.0 and before 7.1.2 & FortiDDoS-F version 6.5.0 and before 6.4.1 allows a privileged attacker to execute arbitrary code or commands via specifically crafted CLI requests.

6.7CVSS7AI score0.00058EPSS

CVE•added 2023/12/13 7:15 a.m.•26 views

CVE-2023-41673

An improper authorization vulnerability [CWE-285] in Fortinet FortiADC version 7.4.0 and before 7.2.2 may allow a low privileged user to read or backup the full system configuration via HTTP or HTTPS requests.

7.1CVSS5.3AI score0.0016EPSS