VYPR

Fortios

by Fortinet

CVEs (267)

  • CVE-2021-26092Feb 24, 2022
    risk 0.00cvss epss 0.01

    Failure to sanitize input in the SSL VPN web portal of FortiOS 5.2.10 through 5.2.15, 5.4.0 through 5.4.13, 5.6.0 through 5.6.14, 6.0.0 through 6.0.12, 6.2.0 through 6.2.7, 6.4.0 through 6.4.4; and FortiProxy 1.2.0 through 1.2.9, 2.0.0 through 2.0.1 may allow a remote…

  • CVE-2021-36169Dec 13, 2021
    risk 0.00cvss epss 0.00

    A Hidden Functionality in Fortinet FortiOS 7.x before 7.0.1, FortiOS 6.4.x before 6.4.7 allows attacker to Execute unauthorized code or commands via specific hex read/write operations.

  • CVE-2021-36173Dec 8, 2021
    risk 0.00cvss epss 0.01

    A heap-based buffer overflow in the firmware signature verification function of FortiOS versions 7.0.1, 7.0.0, 6.4.0 through 6.4.6, 6.2.0 through 6.2.9, and 6.0.0 through 6.0.13 may allow an attacker to execute arbitrary code via specially crafted installation images.

  • CVE-2021-26109Dec 8, 2021
    risk 0.00cvss epss 0.02

    An integer overflow or wraparound vulnerability in the memory allocator of SSLVPN in FortiOS before 7.0.1 may allow an unauthenticated attacker to corrupt control data on the heap via specifically crafted requests to SSLVPN, resulting in potentially arbitrary code execution.

  • CVE-2021-26108Dec 8, 2021
    risk 0.00cvss epss 0.01

    A use of hard-coded cryptographic key vulnerability in the SSLVPN of FortiOS before 7.0.1 may allow an attacker to retrieve the key by reverse engineering.

  • CVE-2021-41024Dec 8, 2021
    risk 0.00cvss epss 0.02

    A relative path traversal [CWE-23] vulnerabiltiy in FortiOS versions 7.0.0 and 7.0.1 and FortiProxy verison 7.0.0 may allow an unauthenticated, unauthorized attacker to inject path traversal character sequences to disclose sensitive information of the server via the GET request…

  • CVE-2021-42757Dec 8, 2021
    risk 0.00cvss epss 0.00

    A buffer overflow [CWE-121] in the TFTP client library of FortiOS before 6.4.7 and FortiOS 7.0.0 through 7.0.2, may allow an authenticated local attacker to achieve arbitrary code execution via specially crafted command line arguments.

  • CVE-2021-26110Dec 8, 2021
    risk 0.00cvss epss 0.00

    An improper access control vulnerability [CWE-284] in FortiOS autod daemon 7.0.0, 6.4.6 and below, 6.2.9 and below, 6.0.12 and below and FortiProxy 2.0.1 and below, 1.2.9 and below may allow an authenticated low-privileged attacker to escalate their privileges to super_admin via…

  • CVE-2021-32600Nov 17, 2021
    risk 0.00cvss epss 0.01

    An exposure of sensitive information to an unauthorized actor vulnerability in FortiOS CLI 7.0.0, 6.4.0 through 6.4.6, 6.2.0 through 6.2.9, 6.0.x and 5.6.x may allow a local and authenticated user assigned to a specific VDOM to retrieve other VDOMs information such as the admin…

  • CVE-2021-41019Nov 2, 2021
    risk 0.00cvss epss 0.01

    An improper validation of certificate with host mismatch [CWE-297] vulnerability in FortiOS versions 6.4.6 and below may allow the connection to a malicious LDAP server via options in GUI, leading to disclosure of sensitive information, such as AD credentials.

  • CVE-2021-24018Aug 4, 2021
    risk 0.00cvss epss 0.01

    A buffer underwrite vulnerability in the firmware verification routine of FortiOS before 7.0.1 may allow an attacker located in the adjacent network to potentially execute arbitrary code via a specifically crafted firmware image.

  • CVE-2019-17656Apr 12, 2021
    risk 0.00cvss epss 0.02

    A Stack-based Buffer Overflow vulnerability in the HTTPD daemon of FortiOS 6.0.10 and below, 6.2.2 and below and FortiProxy 1.0.x, 1.1.x, 1.2.9 and below, 2.0.0 and below may allow an authenticated remote attacker to crash the service by sending a malformed PUT request to the…

  • CVE-2020-6648Oct 21, 2020
    risk 0.00cvss epss 0.01

    A cleartext storage of sensitive information vulnerability in FortiOS command line interface in versions 6.2.4 and earlier and FortiProxy 2.0.0, 1.2.9 and earlier may allow an authenticated attacker to obtain sensitive information such as users passwords by connecting to…

  • CVE-2018-13371Apr 2, 2020
    risk 0.00cvss epss 0.01

    An external control of system vulnerability in FortiOS may allow an authenticated, regular user to change the routing settings of the device via connecting to the ZebOS component.

  • CVE-2019-6696Mar 15, 2020
    risk 0.00cvss epss 0.01

    An improper input validation vulnerability in FortiOS 6.2.1, 6.2.0, 6.0.8 and below until 5.4.0 under admin webUI may allow an attacker to perform an URL redirect attack via a specifically crafted request to the admin initial password change webpage.

  • CVE-2019-5593Jan 23, 2020
    risk 0.00cvss epss 0.00

    Improper permission or value checking in the CLI console may allow a non-privileged user to obtain Fortinet FortiOS plaint text private keys of system's builtin local certificates via unsetting the keys encryption password in FortiOS 6.2.0, 6.0.0 to 6.0.6, 5.6.10 and below or…

  • CVE-2019-15705Nov 27, 2019
    risk 0.00cvss epss 0.01

    An Improper Input Validation vulnerability in the SSL VPN portal of FortiOS versions 6.2.1 and below, and 6.0.6 and below may allow an unauthenticated remote attacker to crash the SSL VPN service by sending a crafted POST request.

  • CVE-2018-9195Nov 21, 2019
    risk 0.00cvss epss 0.02

    Use of a hardcoded cryptographic key in the FortiGuard services communication protocol may allow a Man in the middle with knowledge of the key to eavesdrop on and modify information (URL/SPAM services in FortiOS 5.6, and URL/SPAM/AV services in FortiOS 6.0.; URL rating in…

  • CVE-2019-15703Oct 24, 2019
    risk 0.00cvss epss 0.01

    An Insufficient Entropy in PRNG vulnerability in Fortinet FortiOS 6.2.1, 6.2.0, 6.0.8 and below for device not enable hardware TRNG token and models not support builtin TRNG seed allows attacker to theoretically recover the long term ECDSA secret in a TLS client with a RSA…

  • CVE-2018-13367Aug 23, 2019
    risk 0.00cvss epss 0.01

    An information exposure vulnerability in FortiOS 6.2.3, 6.2.0 and below may allow an unauthenticated attacker to gain platform information such as version, models, via parsing a JavaScript file through admin webUI.