Fortios Security Vulnerabilities and Issues — Page 4 of Fortios CVE List

Lucene search

FortinetFortios

233 matches found

CVE•added 2023/03/07 5:15 p.m.•53 views

CVE-2022-45861

An access of uninitialized pointer vulnerability [CWE-824] in the SSL VPN portal of Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.9 and before 6.4.11 and FortiProxy version 7.2.0 through 7.2.1, version 7.0.0 through 7.0.7 and before 2.0.11 allows a remote authenticated att...

6.5CVSS6.2AI score0.00761EPSS

CVE•added 2024/07/09 4:15 p.m.•53 views

CVE-2024-26015

An incorrect parsing of numbers with different radices vulnerability [CWE-1389] in FortiProxy version 7.4.3 and below, version 7.2.10 and below, version 7.0.17 and below and FortiOS version 7.4.3 and below, version 7.2.8 and below, version 7.0.15 and below IP address validation feature may permit a...

4.7CVSS7.3AI score0.00051EPSS

CVE•added 2022/09/06 6:15 p.m.•52 views

CVE-2022-29053

A missing cryptographic steps vulnerability [CWE-325] in the functions that encrypt the keytab files in FortiOS version 7.2.0, 7.0.0 through 7.0.5 and below 7.0.0 may allow an attacker in possession of the encrypted file to decipher it.

3.3CVSS4.1AI score0.0006EPSS

CVE•added 2023/06/13 9:15 a.m.•52 views

CVE-2023-29175

An improper certificate validation vulnerability [CWE-295] in FortiOS 6.2 all versions, 6.4 all versions, 7.0.0 through 7.0.10, 7.2.0 and FortiProxy 1.2 all versions, 2.0 all versions, 7.0.0 through 7.0.9, 7.2.0 through 7.2.3 may allow a remote and unauthenticated attacker to perform a Man-in-the-M...

4.8CVSS5.1AI score0.00091EPSS

CVE•added 2025/04/08 2:15 p.m.•52 views

CVE-2023-37930

Multiple issues including the use of uninitialized ressources [CWE-908] and excessive iteration [CWE-834] vulnerabilities in Fortinet FortiOS SSL VPN webmode version 7.4.0, version 7.2.0 through 7.2.5, version 7.0.1 through 7.0.11 and version 6.4.7 through 6.4.14 and Fortinet FortiProxy SSL VPN web...

8.8CVSS7.8AI score0.0014EPSS

CVE•added 2025/01/14 2:15 p.m.•52 views

CVE-2024-54021

An Improper Neutralization of CRLF Sequences in HTTP Headers ('http response splitting') vulnerability [CWE-113] in Fortinet FortiOS 7.2.0 through 7.6.0, FortiProxy 7.2.0 through 7.4.5 may allow a remote unauthenticated attacker to bypass the file filter via crafted HTTP headers.

9.8CVSS6.5AI score0.00155EPSS

CVE•added 2019/11/27 9:15 p.m.•51 views

CVE-2019-15705

An Improper Input Validation vulnerability in the SSL VPN portal of FortiOS versions 6.2.1 and below, and 6.0.6 and below may allow an unauthenticated remote attacker to crash the SSL VPN service by sending a crafted POST request.

7.5CVSS7.4AI score0.00576EPSS

CVE•added 2024/03/12 3:15 p.m.•51 views

CVE-2023-46717

An improper authentication vulnerability [CWE-287] in FortiOS versions 7.4.1 and below, versions 7.2.6 and below, and versions 7.0.12 and below when configured with FortiAuthenticator in HA may allow a readonly user to gain read-write access via successive login attempts.

8.8CVSS7.7AI score0.00175EPSS

CVE•added 2025/01/16 10:15 a.m.•51 views

CVE-2024-50563

A weak authentication in Fortinet FortiManager Cloud, FortiAnalyzer versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiAnalyzer Cloud versions 7.4.1 through 7.4.3, FortiManager versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiManager Cloud versions 7.4.1 through 7.4.3 allows attacker to...

9.8CVSS7.7AI score0.00165EPSS

CVE•added 2014/08/25 2:55 p.m.•50 views

CVE-2014-2216

The FortiManager protocol service in Fortinet FortiOS before 4.3.16 and 5.0.0 before 5.0.8 on FortiGate devices allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted request.

7.5CVSS7.8AI score0.05813EPSS

CVE•added 2022/09/06 4:15 p.m.•50 views

CVE-2021-43080

An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiOS version 7.2.0, version 6.4.0 through 6.4.9, version 7.0.0 through 7.0.5 may allow an authenticated attacker to perform a stored cross site scripting (XSS) attack through the URI parameter via the Threat...

5.4CVSS5.1AI score0.00391EPSS

CVE•added 2023/12/13 8:15 a.m.•50 views

CVE-2023-47536

An improper access control vulnerability [CWE-284] in FortiOS version 7.2.0, version 7.0.13 and below, version 6.4.14 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below may allow a remote unauthenticated attacker to bypass the firewall deny geolocali...

5.3CVSS5.4AI score0.00098EPSS

CVE•added 2016/04/08 2:59 p.m.•49 views

CVE-2016-3978

The Web User Interface (WebUI) in FortiOS 5.0.x before 5.0.13, 5.2.x before 5.2.3, and 5.4.x before 5.4.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks or cross-site scripting (XSS) attacks via the "redirect" parameter to "login."

6.1CVSS6AI score0.05549EPSS

CVE•added 2017/02/08 4:59 p.m.•49 views

CVE-2016-8492

The implementation of an ANSI X9.31 RNG in Fortinet FortiGate allows attackers to gain unauthorized read access to data handled by the device via IPSec/TLS decryption.

5.9CVSS5.6AI score0.00379EPSS

CVE•added 2023/02/16 7:15 p.m.•49 views

CVE-2021-43074

An improper verification of cryptographic signature vulnerability [CWE-347] in FortiWeb 6.4 all versions, 6.3.16 and below, 6.2 all versions, 6.1 all versions, 6.0 all versions; FortiOS 7.0.3 and below, 6.4.8 and below, 6.2 all versions, 6.0 all versions; FortiSwitch 7.0.3 and below, 6.4.10 and bel...

4.3CVSS4.6AI score0.0009EPSS

CVE•added 2024/05/14 5:15 p.m.•48 views

CVE-2023-36640

A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.4, 7.0.0 through 7.0.10, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, FortiPAM versions 1.0.0 through 1.0.3, FortiOS versions 7.2.0, 7.0.0 through 7.0.12, 6.4.0 th...

6.7CVSS7.3AI score0.00064EPSS

CVE•added 2013/06/25 2:38 p.m.•47 views

CVE-2013-4604

Fortinet FortiOS before 5.0.3 on FortiGate devices does not properly restrict Guest capabilities, which allows remote authenticated users to read, modify, or delete the records of arbitrary users by leveraging the Guest role.

6.5CVSS6.7AI score0.00391EPSS

CVE•added 2015/08/11 2:59 p.m.•47 views

CVE-2015-2323

FortiOS 5.0.x before 5.0.12 and 5.2.x before 5.2.4 supports anonymous, export, RC4, and possibly other weak ciphers when using TLS to connect to FortiGuard servers, which allows man-in-the-middle attackers to spoof TLS content by modifying packets.

6.4CVSS6.7AI score0.00288EPSS

CVE•added 2021/12/08 1:15 p.m.•47 views

CVE-2021-26108

A use of hard-coded cryptographic key vulnerability in the SSLVPN of FortiOS before 7.0.1 may allow an attacker to retrieve the key by reverse engineering.

7.5CVSS7.4AI score0.002EPSS

CVE•added 2024/04/09 3:15 p.m.•47 views

CVE-2024-23662

An exposure of sensitive information to an unauthorized actor in Fortinet FortiOS at least version at least 7.4.0 through 7.4.1 and 7.2.0 through 7.2.5 and 7.0.0 through 7.0.15 and 6.4.0 through 6.4.15 allows attacker to information disclosure via HTTP requests.

7.5CVSS6.2AI score0.00353EPSS

CVE•added 2024/05/14 5:15 p.m.•47 views

CVE-2024-26007

An improper check or handling of exceptional conditions vulnerability [CWE-703] in Fortinet FortiOS version 7.4.1 allows an unauthenticated attacker to provoke a denial of service on the administrative interface via crafted HTTP requests.

7.5CVSS6.9AI score0.00251EPSS

CVE•added 2025/05/28 8:15 a.m.•47 views

CVE-2025-47295

A buffer over-read in Fortinet FortiOS versions 7.4.0 through 7.4.3, versions 7.2.0 through 7.2.7, and versions 7.0.0 through 7.0.14 may allow a remote unauthenticated attacker to crash the FGFM daemon via a specially crafted request, under rare conditions that are outside of the attacker's control...

3.7CVSS7.2AI score0.00093EPSS

CVE•added 2014/02/04 5:39 a.m.•46 views

CVE-2013-7182

Cross-site scripting (XSS) vulnerability in firewall/schedule/recurrdlg in Fortinet FortiOS 5.0.5 allows remote attackers to inject arbitrary web script or HTML via the mkey parameter.

4.3CVSS5.7AI score0.00812EPSS

CVE•added 2015/08/11 2:59 p.m.•46 views

CVE-2015-5965

The SSL-VPN feature in Fortinet FortiOS before 4.3.13 only checks the first byte of the TLS MAC in finished messages, which makes it easier for remote attackers to spoof encrypted content via a crafted MAC field.

5CVSS6.5AI score0.0035EPSS

CVE•added 2017/10/27 1:29 p.m.•46 views

CVE-2017-14182

A Denial of Service (DoS) vulnerability in Fortinet FortiOS 5.4.0 to 5.4.5 allows an authenticated user to cause the web GUI to be temporarily unresponsive, via passing a specially crafted payload to the 'params' parameter of the JSON web API.

6.5CVSS6.2AI score0.01458EPSS

CVE•added 2018/05/25 4:29 p.m.•46 views

CVE-2017-14185

An Information Disclosure vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.8 and 5.2 all versions allows SSL VPN web portal users to access internal FortiOS configuration information (eg:addresses) via specifically crafted URLs inside the SSL-VPN web portal.

5.3CVSS5.2AI score0.00327EPSS

CVE•added 2017/08/10 9:29 p.m.•46 views

CVE-2017-3130

An information disclosure vulnerability in Fortinet FortiOS 5.6.0, 5.4.4 and below versions allows attacker to get FortiOS version info by inspecting FortiOS IKE VendorID packets.

7.5CVSS7.1AI score0.00291EPSS

CVE•added 2017/12/13 10:29 p.m.•46 views

CVE-2017-7738

An Information Disclosure vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.5, 5.2 and below versions allow an admin user with super_admin privileges to view the current SSL VPN web portal session info which may contains user credentials through the fnsysctl CLI command.

7.2CVSS6.7AI score0.00346EPSS

CVE•added 2022/11/02 12:15 p.m.•46 views

CVE-2022-38380

An improper access control [CWE-284] vulnerability in FortiOS version 7.2.0 and versions 7.0.0 through 7.0.7 may allow a remote authenticated read-only user to modify the interface settings via the API.

4.3CVSS4.3AI score0.11847EPSS

CVE•added 2024/05/14 5:15 p.m.•46 views

CVE-2023-45586

An insufficient verification of data authenticity vulnerability [CWE-345] in Fortinet FortiOS SSL-VPN tunnel mode version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.7 and before 7.0.12 & FortiProxy SSL-VPN tunnel mode version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.7 and before 7.0.13 al...

5CVSS6.5AI score0.00215EPSS

CVE•added 2025/06/10 5:19 p.m.•46 views

CVE-2024-50562

An Insufficient Session Expiration vulnerability [CWE-613] in FortiOS SSL-VPN version 7.6.0, version 7.4.6 and below, version 7.2.10 and below, 7.0 all versions, 6.4 all versions may allow an attacker in possession of a cookie used to log in the SSL-VPN portal to log in again, although the session ...

4.8CVSS5.1AI score0.00362EPSS

CVE•added 2017/03/30 2:59 p.m.•45 views

CVE-2016-7542

A read-only administrator on Fortinet devices with FortiOS 5.2.x before 5.2.10 GA and 5.4.x before 5.4.2 GA may have access to read-write administrators password hashes (not including super-admins) stored on the appliance via the webui REST API, and may therefore be able to crack them.

4.9CVSS5.1AI score0.00414EPSS

CVE•added 2017/10/27 1:29 p.m.•45 views

CVE-2017-7733

A Cross-Site-Scripting (XSS) vulnerability in Fortinet FortiOS 5.4.0 to 5.4.5 and 5.6.0 allows a remote unauthenticated attacker to execute arbitrary javascript code via webUI "Login Disclaimer" redir parameter.

6.1CVSS6.4AI score0.00349EPSS

CVE•added 2017/09/12 2:29 a.m.•45 views

CVE-2017-7735

A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.2.0 through 5.2.11 and 5.4.0 through 5.4.4 allows attackers to execute unauthorized code or commands via the "Groups" input while creating or editing User Groups.

5.4CVSS5.6AI score0.00305EPSS

CVE•added 2024/05/14 5:15 p.m.•45 views

CVE-2023-44247

A double free vulnerability [CWE-415] in Fortinet FortiOS before 7.0.0 may allow a privileged attacker to execute code or commands via crafted HTTP or HTTPs requests.

7.2CVSS7.3AI score0.00166EPSS

CVE•added 2015/08/11 2:59 p.m.•44 views

CVE-2015-3626

Cross-site scripting (XSS) vulnerability in the DHCP Monitor page in the Web User Interface (WebUI) in Fortinet FortiOS before 5.2.4 on FortiGate devices allows remote attackers to inject arbitrary web script or HTML via a crafted hostname.

4.3CVSS5.8AI score0.00285EPSS

CVE•added 2019/04/09 5:29 p.m.•44 views

CVE-2018-13366

An information disclosure vulnerability in Fortinet FortiOS 6.0.1, 5.6.7 and below allows attacker to reveals serial number of FortiGate via hostname field defined in connection control setup packets of PPTP protocol.

5.3CVSS5AI score0.00237EPSS

CVE•added 2025/03/17 2:15 p.m.•44 views

CVE-2019-15706

An improper neutralization of input during web page generation in the SSL VPN portal of FortiProxy version 2.0.0, version 1.2.9 and below and FortiOS version 6.2.1 and below, version 6.0.8 and below, version 5.6.12 may allow a remote authenticated attacker to perform a stored cross site scripting a...

5.4CVSS4.2AI score0.0006EPSS

CVE•added 2025/06/10 5:17 p.m.•44 views

CVE-2023-29184

An incomplete cleanup vulnerability [CWE-459] in FortiOS 7.2 all versions and before & FortiProxy version 7.2.0 through 7.2.2 and before 7.0.8 allows a VDOM privileged attacker to add SSH key files on the system silently via crafted CLI requests.

3.2CVSS4AI score0.00017EPSS

CVE•added 2025/01/14 2:15 p.m.•44 views

CVE-2024-36504

An out-of-bounds read vulnerability [CWE-125] in FortiOS SSLVPN web portal versions 7.4.0 through 7.4.4, versions 7.2.0 through 7.2.8, 7.0 all verisons, and 6.4 all versions may allow an authenticated attacker to perform a denial of service on the SSLVPN web portal via a specially crafted URL.

6.5CVSS6.2AI score0.00219EPSS

CVE•added 2025/05/28 8:15 a.m.•44 views

CVE-2025-47294

A integer overflow or wraparound in Fortinet FortiOS versions 7.2.0 through 7.2.7, versions 7.0.0 through 7.0.14 may allow a remote unauthenticated attacker to crash the csfd daemon via a specially crafted request.

5.3CVSS5.5AI score0.00093EPSS

CVE•added 2015/02/02 4:59 p.m.•43 views

CVE-2015-1452

The Control and Provisioning of Wireless Access Points (CAPWAP) daemon in Fortinet FortiOS 5.0 Patch 7 build 4457 allows remote attackers to cause a denial of service (locked CAPWAP Access Controller) via a large number of ClientHello DTLS messages.

7.8CVSS6.8AI score0.00977EPSS

CVE•added 2021/04/12 3:15 p.m.•43 views

CVE-2019-17656

A Stack-based Buffer Overflow vulnerability in the HTTPD daemon of FortiOS 6.0.10 and below, 6.2.2 and below and FortiProxy 1.0.x, 1.1.x, 1.2.9 and below, 2.0.0 and below may allow an authenticated remote attacker to crash the service by sending a malformed PUT request to the server. Fortinet is no...

6.5CVSS6.7AI score0.02796EPSS

CVE•added 2021/12/13 2:15 p.m.•43 views

CVE-2021-36169

A Hidden Functionality in Fortinet FortiOS 7.x before 7.0.1, FortiOS 6.4.x before 6.4.7 allows attacker to Execute unauthorized code or commands via specific hex read/write operations.

6.6CVSS6AI score0.0003EPSS

CVE•added 2023/02/16 7:15 p.m.•43 views

CVE-2022-42472

A improper neutralization of crlf sequences in http headers ('http response splitting') in Fortinet FortiOS versions 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0 through 6.4.11, 6.2.0 through 6.2.12, 6.0.0 through 6.0.16, FortiProxy 7.2.0 through 7.2.1, 7.0.0 through 7.0.7, 2.0.0 through 2.0.10,...

5.4CVSS5.4AI score0.00401EPSS

CVE•added 2025/01/14 2:15 p.m.•43 views

CVE-2024-46670

An Out-of-bounds Read vulnerability [CWE-125] in FortiOS version 7.6.0, version 7.4.4 and below, version 7.2.9 and below and FortiSASE FortiOS tenant version 24.3.b IPsec IKE service may allow an unauthenticated remote attacker to trigger memory consumption leading to Denial of Service via crafted ...

7.5CVSS7.6AI score0.00166EPSS

CVE•added 2020/01/23 5:15 p.m.•42 views

CVE-2019-5593

Improper permission or value checking in the CLI console may allow a non-privileged user to obtain Fortinet FortiOS plaint text private keys of system's builtin local certificates via unsetting the keys encryption password in FortiOS 6.2.0, 6.0.0 to 6.0.6, 5.6.10 and below or for user uploaded loca...

5.5CVSS5.4AI score0.00034EPSS

CVE•added 2021/03/04 6:15 p.m.•42 views

CVE-2020-15938

When traffic other than HTTP/S (eg: SSH traffic, etc...) traverses the FortiGate in version below 6.2.5 and below 6.4.2 on port 80/443, it is not redirected to the transparent proxy policy for processing, as it doesn't have a valid HTTP header.

7.5CVSS7.5AI score0.0022EPSS

CVE•added 2021/12/08 1:15 p.m.•42 views

CVE-2021-41024

A relative path traversal [CWE-23] vulnerabiltiy in FortiOS versions 7.0.0 and 7.0.1 and FortiProxy verison 7.0.0 may allow an unauthenticated, unauthorized attacker to inject path traversal character sequences to disclose sensitive information of the server via the GET request of the login page.

7.5CVSS7.2AI score0.00536EPSS

CVE•added 2023/02/16 7:15 p.m.•42 views

CVE-2022-41334

An improper neutralization of input during web page generation [CWE-79] vulnerability in FortiOS versions 7.0.0 to 7.0.7 and 7.2.0 to 7.2.3 may allow a remote, unauthenticated attacker to launch a cross site scripting (XSS) attack via the "redir" parameter of the URL seen when the "Sign in with For...

8.8CVSS6AI score0.00301EPSS

Total number of security vulnerabilities233