VYPR

Fortios

by Fortinet

CVEs (267)

  • CVE-2013-7182Feb 4, 2014
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in firewall/schedule/recurrdlg in Fortinet FortiOS 5.0.5 allows remote attackers to inject arbitrary web script or HTML via the mkey parameter.

  • CVE-2013-7181Feb 4, 2014
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in user/ldap_user/add in Fortinet FortiOS 5.0.3 allows remote attackers to inject arbitrary web script or HTML via the filter parameter.

  • CVE-2013-4604Jun 25, 2013
    risk 0.00cvss epss 0.01

    Fortinet FortiOS before 5.0.3 on FortiGate devices does not properly restrict Guest capabilities, which allows remote authenticated users to read, modify, or delete the records of arbitrary users by leveraging the Guest role.

  • CVE-2006-3222Jun 24, 2006
    risk 0.00cvss epss 0.02

    The FTP proxy module in Fortinet FortiOS (FortiGate) before 2.80 MR12 and 3.0 MR2 allows remote attackers to bypass anti-virus scanning via the Enhanced Passive (EPSV) FTP mode.

  • CVE-2005-3057Dec 31, 2005
    risk 0.00cvss epss 0.03

    The FTP component in FortiGate 2.8 running FortiOS 2.8MR10 and v3beta, and other versions before 3.0 MR1, allows remote attackers to bypass the Fortinet FTP anti-virus engine by sending a STOR command and uploading a file before the FTP server response has been sent, as…

  • CVE-2005-4570Dec 29, 2005
    risk 0.00cvss epss 0.02

    The Internet Key Exchange version 1 (IKEv1) implementations in Fortinet FortiOS 2.50, 2.80 and 3.0, FortiClient 2.0,; and FortiManager 2.80 and 3.0 allow remote attackers to cause a denial of service (termination of a process that is automatically restarted) via IKE packets with…

  • CVE-2005-1837Jun 1, 2005
    risk 0.00cvss epss 0.01

    Fortinet firewall running FortiOS 2.x contains a hardcoded username with the password set to the serial number, which allows local users with console access to gain privileges.

Page 14 of 14