Fortiproxy@7.0.9 Security Vulnerabilities and Issues — Fortiproxy@7.0.9 CVE List

Lucene search

FortinetFortiproxy7.0.9

7 matches found

CVE•added 2023/06/13 9:15 a.m.•1206 views

CVE-2023-27997

A heap-based buffer overflow vulnerability [CWE-122] in FortiOS version 7.2.4 and below, version 7.0.11 and below, version 6.4.12 and below, version 6.0.16 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below, version 1.2 all versions, version 1.1 all ...

9.8CVSS9.8AI score0.90312EPSS

In wild

CVE•added 2023/07/26 3:15 p.m.•92 views

CVE-2023-33308

A stack-based overflow vulnerability [CWE-124] in Fortinet FortiOS version 7.0.0 through 7.0.10 and 7.2.0 through 7.2.3 and FortiProxy version 7.0.0 through 7.0.9 and 7.2.0 through 7.2.2 allows a remote unauthenticated attacker to execute arbitrary code or command via crafted packets reaching proxy...

9.8CVSS9.8AI score0.0593EPSS

CVE•added 2023/06/16 10:15 a.m.•73 views

CVE-2023-33307

A null pointer dereference in Fortinet FortiOS before 7.2.5 and before 7.0.11, FortiProxy before 7.2.3 and before 7.0.9 allows attacker to denial of sslvpn service via specifically crafted request in network parameter.

6.5CVSS6.3AI score0.00071EPSS

CVE•added 2023/06/13 9:15 a.m.•69 views

CVE-2023-33305

A loop with unreachable exit condition ('infinite loop') in Fortinet FortiOS version 7.2.0 through 7.2.4, FortiOS version 7.0.0 through 7.0.10, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0 all versions, FortiProxy version 7.2.0 through 7.2.3, FortiProxy version 7.0.0 through 7.0....

6.5CVSS6.2AI score0.00142EPSS

CVE•added 2023/06/13 9:15 a.m.•57 views

CVE-2023-29178

A access of uninitialized pointer vulnerability [CWE-824] in Fortinet FortiProxy version 7.2.0 through 7.2.3 and before 7.0.9 and FortiOS version 7.2.0 through 7.2.4 and before 7.0.11 allows an authenticated attacker to repetitively crash the httpsd process via crafted HTTP or HTTPS requests.

4.3CVSS4.5AI score0.00127EPSS

CVE•added 2023/06/13 9:15 a.m.•54 views

CVE-2023-29175

An improper certificate validation vulnerability [CWE-295] in FortiOS 6.2 all versions, 6.4 all versions, 7.0.0 through 7.0.10, 7.2.0 and FortiProxy 1.2 all versions, 2.0 all versions, 7.0.0 through 7.0.9, 7.2.0 through 7.2.3 may allow a remote and unauthenticated attacker to perform a Man-in-the-M...

4.8CVSS5.1AI score0.00091EPSS

CVE•added 2023/12/13 8:15 a.m.•52 views

CVE-2023-47536

An improper access control vulnerability [CWE-284] in FortiOS version 7.2.0, version 7.0.13 and below, version 6.4.14 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below may allow a remote unauthenticated attacker to bypass the firewall deny geolocali...

5.3CVSS5.4AI score0.0005EPSS