Lucene search

K
FortinetFortiweb

106 matches found

CVE
CVE
added 2021/12/08 11:15 a.m.33 views

CVE-2021-36180

Multiple improper neutralization of special elements used in a command vulnerabilities [CWE-77] in FortiWeb management interface 6.4.1 and below, 6.3.15 and below, 6.2.5 and below may allow an authenticated attacker to execute unauthorized code or commands via crafted parameters of HTTP requests.

8.8CVSS8.9AI score0.00742EPSS
CVE
CVE
added 2023/02/16 7:15 p.m.32 views

CVE-2023-25602

A stack-based buffer overflow in Fortinet FortiWeb 6.4 all versions, FortiWeb versions 6.3.17 and earlier, FortiWeb versions 6.2.6 and earlier, FortiWeb versions 6.1.2 and earlier, FortiWeb versions 6.0.7 and earlier, FortiWeb versions 5.9.1 and earlier, FortiWeb 5.8 all versions, FortiWeb 5.7 all ...

7.8CVSS8AI score0.00089EPSS
CVE
CVE
added 2023/02/16 7:15 p.m.30 views

CVE-2021-42761

A condition for session fixation vulnerability [CWE-384] in the session management of FortiWeb versions 6.4 all versions, 6.3.0 through 6.3.16, 6.2.0 through 6.2.6, 6.1.0 through 6.1.2, 6.0.0 through 6.0.7, 5.9.0 through 5.9.1 may allow a remote, unauthenticated attacker to infer the session identi...

9.8CVSS9.4AI score0.0251EPSS
CVE
CVE
added 2025/08/12 7:15 p.m.8 views

CVE-2025-27759

An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiWeb version 7.6.0 through 7.6.3, 7.4.0 through 7.4.7, 7.2.0 through 7.2.10 and before 7.0.10 allows an authenticated privileged attacker to execute unauthorized code...

6.7CVSS7.7AI score0.00042EPSS
CVE
CVE
added 2025/08/12 7:15 p.m.7 views

CVE-2025-32766

A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiWeb CLI version 7.6.0 through 7.6.3 and before 7.4.8 allows a privileged attacker to execute arbitrary code or commands via crafted CLI commands

6.7CVSS8.5AI score0.00019EPSS
CVE
CVE
added 2025/08/12 7:15 p.m.7 views

CVE-2025-47857

A improper neutralization of special elements used in an os command ('os command injection') vulnerability [CWE-78] in Fortinet FortiWeb CLI version 7.6.0 through 7.6.3 and before 7.4.8 allows a privileged attacker to execute arbitrary code or command via crafted CLI commands.

6.7CVSS8.1AI score0.00045EPSS
Total number of security vulnerabilities106