Latest fortinet fortios Vulnerabilities

CVE-2023-36640
Format String Bug in cli command
Fortinet FortiOS=.
Fortinet FortiOS>=7.2.0<=7.2.5
Fortinet FortiOS>=7.0
Fortinet FortiOS>=6.4
Fortinet FortiOS>=6.2
Fortinet FortiOS>=6.0.0<=6.0.16
and 10 more
CVE-2023-46714
Buffer overflow in administrative interface
Fortinet FortiOS>=7.4.0<=7.4.1
Fortinet FortiOS>=7.2.1<=7.2.6
FG-IR-24-017
Node.js crash over administrative interface
Fortinet FortiOS=.
FG-IR-23-225
SSL-VPN user IP spoofing
Fortinet FortiOS>=7.4.0<=7.4.1
Fortinet FortiOS>=7.2.0<=7.2.7
Fortinet FortiOS>=7.0.0<=7.0.12
Fortinet FortiOS>=6.4
Fortinet FortiOS>=6.2
Fortinet FortiProxy>=7.4.0<=7.4.1
and 3 more
FG-IR-23-415
Buffer overflow in administrative interface
Fortinet FortiOS>=7.4.0<=7.4.1
Fortinet FortiOS>=7.2.1<=7.2.6
FG-IR-23-195
Double free with double usage of json_object_put
Fortinet FortiOS>=6.4
Fortinet FortiOS>=6.2
CVE-2024-26007
Node.js crash over administrative interface
Fortinet FortiOS=.
FG-IR-23-137
Format String Bug in cli command
Fortinet FortiOS=.
Fortinet FortiOS>=7.2.0<=7.2.5
Fortinet FortiOS>=7.0
Fortinet FortiOS>=6.4
Fortinet FortiOS>=6.2
Fortinet FortiOS>=6.0.0<=6.0.16
and 10 more
CVE-2023-45586
SSL-VPN user IP spoofing
Fortinet FortiOS>=7.4.0<=7.4.1
Fortinet FortiOS>=7.2.0<=7.2.7
Fortinet FortiOS>=7.0.0<=7.0.12
Fortinet FortiOS>=6.4
Fortinet FortiOS>=6.2
Fortinet FortiProxy>=7.4.0<=7.4.1
and 3 more
CVE-2023-45583
Format String Bug in cli command
Fortinet FortiOS=.
Fortinet FortiOS>=7.2.0<=7.2.5
Fortinet FortiOS>=7.0
Fortinet FortiOS>=6.4
Fortinet FortiOS>=6.2
Fortinet FortiOS>=6.0.0<=6.0.16
and 10 more
CVE-2023-44247
Double free with double usage of json_object_put
Fortinet FortiOS>=6.4
Fortinet FortiOS>=6.2
FG-IR-23-224
Web server ETag exposure
Fortinet FortiOS>=7.4.0<=7.4.1
Fortinet FortiOS>=7.2.0<=7.2.5
Fortinet FortiOS>=7.0
Fortinet FortiOS>=6.4
CVE-2023-48784
FortiOS - Format String in CLI command
Fortinet FortiOS>=7.4.0<=7.4.1
Fortinet FortiOS>=7.2.0<=7.2.7
Fortinet FortiOS>=7.0
Fortinet FortiOS>=6.4
FG-IR-23-413
FortiOS - Format String in CLI command
Fortinet FortiOS>=7.4.0<=7.4.1
Fortinet FortiOS>=7.2.0<=7.2.7
Fortinet FortiOS>=7.0
Fortinet FortiOS>=6.4
CVE-2023-41677
Administrator cookie leakage
Fortinet FortiOS>=7.4.0<=7.4.1
Fortinet FortiOS>=7.2.0<=7.2.6
Fortinet FortiOS>=7.0.0<=7.0.12
Fortinet FortiOS>=6.4.0<=6.4.14
Fortinet FortiOS>=6.2.0<=6.2.15
Fortinet FortiOS>=6.0
and 7 more
CVE-2024-23662
Web server ETag exposure
Fortinet FortiOS>=7.4.0<=7.4.1
Fortinet FortiOS>=7.2.0<=7.2.5
Fortinet FortiOS>=7.0
Fortinet FortiOS>=6.4
FG-IR-23-493
Administrator cookie leakage
Fortinet FortiOS>=7.4.0<=7.4.1
Fortinet FortiOS>=7.2.0<=7.2.6
Fortinet FortiOS>=7.0.0<=7.0.12
Fortinet FortiOS>=6.4.0<=6.4.14
Fortinet FortiOS>=6.2.0<=6.2.15
Fortinet FortiOS>=6.0
and 7 more
CVE-2024-23112
Authorization bypass in SSLVPN bookmarks
Fortinet FortiOS>=7.4.0<=7.4.1
Fortinet FortiOS>=7.2.0<=7.2.6
Fortinet FortiOS>=7.0.1<=7.0.13
Fortinet FortiOS>=6.4.7<=6.4.14
Fortinet FortiProxy>=7.4.0<=7.4.2
Fortinet FortiProxy>=7.2.0<=7.2.8
and 8 more
CVE-2023-42789
Out-of-bounds Write in captive portal
Fortinet FortiProxy>=2.0.0<=2.0.13
Fortinet FortiProxy>=7.0.0<=7.0.12
Fortinet FortiProxy>=7.2.0<=7.2.6
Fortinet FortiProxy=7.4.0
Fortinet FortiOS>=6.2.0<=6.2.15
Fortinet FortiOS>=6.4.0<=6.4.14
and 4 more
CVE-2023-42790
Out-of-bounds Write in captive portal
Fortinet FortiProxy>=2.0.0<=2.0.13
Fortinet FortiProxy>=7.0.0<=7.0.12
Fortinet FortiProxy>=7.2.0<=7.2.6
Fortinet FortiProxy=7.4.0
Fortinet FortiOS>=6.2.0<=6.2.15
Fortinet FortiOS>=6.4.0<=6.4.14
and 3 more
FG-IR-24-013
Authorization bypass in SSLVPN bookmarks
Fortinet FortiOS>=7.4.0<=7.4.1
Fortinet FortiOS>=7.2.0<=7.2.6
Fortinet FortiOS>=7.0.1<=7.0.13
Fortinet FortiOS>=6.4.7<=6.4.14
Fortinet FortiProxy>=7.4.0<=7.4.2
Fortinet FortiProxy>=7.2.0<=7.2.8
and 1 more
CVE-2023-46717
Improper authentication following read-only user login
Fortinet FortiOS>=7.0.0<7.0.13
Fortinet FortiOS>=7.2.0<7.2.7
Fortinet FortiOS>=7.4.0<7.4.2
FG-IR-24-015
Out-of-bound Write in sslvpnd
Fortinet FortiOS>=7.4.0<=7.4.2
Fortinet FortiOS>=7.2.0<=7.2.6
Fortinet FortiOS>=7.0.0<=7.0.13
Fortinet FortiOS>=6.4.0<=6.4.14
Fortinet FortiOS>=6.2.0<=6.2.15
Fortinet FortiOS>=6.0.0<=6.0.17
and 7 more
CVE-2024-21762
Out-of-bound Write in sslvpnd
Fortinet FortiOS
Fortinet FortiProxy>=1.0.0<2.0.14
Fortinet FortiProxy>=7.0.0<7.0.15
Fortinet FortiProxy>=7.2.0<7.2.9
Fortinet FortiProxy>=7.4.0<7.4.3
Fortinet FortiOS>=6.0.0<6.2.16
and 17 more
FG-IR-23-397
CVE-2023-44487 - Rapid Reset HTTP/2 vulnerability
Fortinet FortiOS>=7.4.0<=7.4.1
Fortinet FortiOS>=7.2.0<=7.2.6
Fortinet FortiOS>=7.0.0<=7.0.13
Fortinet FortiProxy>=7.4.0<=7.4.1
Fortinet FortiProxy>=7.2.0<=7.2.7
Fortinet FortiProxy>=7.0
FG-IR-24-029
Format String Bug in fgfmd
Fortinet FortiOS>=7.4.0<=7.4.2
Fortinet FortiOS>=7.2.0<=7.2.6
Fortinet FortiOS>=7.0.0<=7.0.13
Fortinet FortiPAM>=1.2
Fortinet FortiPAM>=1.1
Fortinet FortiPAM>=1.0
and 4 more
CVE-2024-23113
Format String Bug in fgfmd
Fortinet FortiOS=6.0.x
Fortinet FortiOS
Fortinet FortiSIEM
Fortinet FortiProxy>=7.0.0<=7.0.14
Fortinet FortiProxy>=7.2.0<=7.2.8
Fortinet FortiProxy>=7.4.0<=7.4.2
and 18 more
CVE-2023-47537
Fortilink lack of certificate validation
Fortinet FortiOS SSL VPN
Fortinet FortiOS>=7.4.0<=7.4.1
Fortinet FortiOS>=7.2.0<=7.2.6
Fortinet FortiOS>=7.0
Fortinet FortiOS>=7.0.0<7.0.14
Fortinet FortiOS>=7.2.0<=7.2.6
and 2 more
FG-IR-23-301
Fortilink lack of certificate validation
Fortinet FortiOS>=7.4.0<=7.4.1
Fortinet FortiOS>=7.2.0<=7.2.6
Fortinet FortiOS>=7.0
CVE-2024-23108
An improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSIEM version 7.1.0 through 7.1.1 and 7.0.0 through 7.0.2 and 6.7.0 through 6.7.8 and 6.6....
Fortinet FortiSIEM>=6.4.0<=6.4.2
Fortinet FortiSIEM>=6.5.0<=6.5.2
Fortinet FortiSIEM>=6.6.0<=6.6.3
Fortinet FortiSIEM>=6.7.0<=6.7.8
Fortinet FortiSIEM>=7.0.0<=7.0.2
Fortinet FortiSIEM=7.1.0
and 3 more
CVE-2024-23109
An improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSIEM version 7.1.0 through 7.1.1 and 7.0.0 through 7.0.2 and 6.7.0 through 6.7.8 and 6.6....
Fortinet FortiSIEM>=6.4.0<=6.4.2
Fortinet FortiSIEM>=6.5.0<=6.5.2
Fortinet FortiSIEM>=6.6.0<=6.6.3
Fortinet FortiSIEM>=6.7.0<=6.7.8
Fortinet FortiSIEM>=7.0.0<=7.0.2
Fortinet FortiSIEM=7.1.0
and 3 more
CVE-2023-44250
Improper authorization for HA requests
Fortinet FortiProxy=7.4.0
Fortinet FortiProxy=7.4.1
Fortinet FortiOS=7.2.5
Fortinet FortiOS=7.4.0
Fortinet FortiOS=7.4.1
Fortinet FortiOS>=7.4.0<=7.4.1
and 2 more
FG-IR-23-315
Improper authorization for HA requests
Fortinet FortiOS>=7.4.0<=7.4.1
Fortinet FortiOS=.
Fortinet FortiProxy>=7.4.0<=7.4.1
CVE-2023-36639
Format String Bug in HTTPSd
Fortinet FortiProxy>=7.0.0<=7.0.10
Fortinet FortiProxy>=7.2.0<=7.2.4
Fortinet FortiOS>=6.0.0<=6.0.17
Fortinet FortiOS>=6.2.0<=6.2.15
Fortinet FortiOS>=6.4.0<=6.4.12
Fortinet FortiOS>=7.0.0<=7.0.11
and 14 more
FG-IR-23-432
Firewall deny policy bypass
Fortinet FortiOS=.
Fortinet FortiOS>=7.0
Fortinet FortiOS>=6.4
Fortinet FortiProxy>=7.2.0<=7.2.3
Fortinet FortiProxy>=7.0.0<=7.0.9
Fortinet FortiProxy>=2.0.0<=2.0.12
FG-IR-23-138
Format String Bug in HTTPSd
Fortinet FortiOS=.
Fortinet FortiOS>=7.2.0<=7.2.4
Fortinet FortiOS>=7.0.0<=7.0.11
Fortinet FortiOS>=6.4.0<=6.4.12
Fortinet FortiOS>=6.2.0<=6.2.15
Fortinet FortiOS>=6.0
and 4 more
CVE-2023-47536
Firewall deny policy bypass
Fortinet FortiProxy>=2.0.0<=2.0.12
Fortinet FortiProxy>=7.0.0<=7.0.9
Fortinet FortiProxy>=7.2.0<=7.2.3
Fortinet FortiOS>=6.4.0<=6.4.14
Fortinet FortiOS>=7.0.0<=7.0.13
Fortinet FortiOS=7.2.0
and 6 more
CVE-2023-41678
Double free in cache management
Apple Webkit
Microsoft Power Platform
Microsoft Azure Logic Apps
Microsoft Windows
Adobe Prelude
Adobe Illustrator
and 30 more
CVE-2023-28002
Bypass of root file system integrity checks at boot time on VM
Fortinet FortiProxy>=2.0.0<=2.0.13
Fortinet FortiProxy>=7.0.0<=7.0.13
Fortinet FortiProxy>=7.2.0<=7.2.7
Fortinet FortiOS>=6.0.0<=6.0.17
Fortinet FortiOS>=6.2.0<=6.2.15
Fortinet FortiOS>=6.4.0<=6.4.14
and 7 more
FG-IR-23-151
DOS in headers management
Fortinet FortiOS=.
Fortinet FortiOS>=7.2.0<=7.2.5
Fortinet FortiOS>=7.0.0<=7.0.12
Fortinet FortiOS>=6.4
Fortinet FortiOS>=6.2
Fortinet FortiOS>=6.0
and 6 more
FG-IR-22-396
Bypass of root file system integrity checks at boot time on VM
CVE-2023-36641
DOS in headers management
Fortinet FortiProxy>=1.0.0<=1.0.7
Fortinet FortiProxy>=1.1.0<=1.1.6
Fortinet FortiProxy>=1.2.0<=1.2.13
Fortinet FortiProxy>=2.0.0<=2.0.13
Fortinet FortiProxy>=7.0.0<=7.0.10
Fortinet FortiProxy>=7.2.0<=7.2.4
and 17 more
CVE-2023-37935
A use of GET request method with sensitive query strings vulnerability in Fortinet FortiOS 7.0.0 - 7.0.12, 7.2.0 - 7.2.5 and 7.4.0 allows an attacker to view plaintext passwords of remote services suc...
Fortinet FortiOS>=7.0.0<=7.0.12
Fortinet FortiOS>=7.2.0<=7.2.5
Fortinet FortiOS=7.4.0
CVE-2023-34992
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSIEM version 7.0.0 and 6.7.0 through 6.7.5 and 6.6.0 through 6.6.3 and 6.5.0 through 6.5.1...
Fortinet FortiSIEM>=6.6.0<=6.6.3
Fortinet FortiSIEM>=6.7.0<=6.7.5
Fortinet FortiSIEM=6.4.0
Fortinet FortiSIEM=6.4.1
Fortinet FortiSIEM=6.4.2
Fortinet FortiSIEM=6.5.0
and 4 more
CVE-2023-33301
An improper access control vulnerability in Fortinet FortiOS 7.2.0 - 7.2.4 and 7.4.0 allows an attacker to access a restricted resource from a non trusted host.
Fortinet FortiOS>=7.2.0<=7.2.4
Fortinet FortiOS=7.4.0
CVE-2023-40718
FortiOS - IPS Engine evasion using custom TCP flags
Fortinet Fortios Ips Engine<=7.312
Fortinet FortiOS>=7.2.0<7.2.4
Fortinet Fortios Ips Engine<=7.165
Fortinet FortiOS>=7.0.0<7.0.12
Fortinet Fortios Ips Engine<=6.158
Fortinet FortiOS>=6.4.0<6.4.13
CVE-2023-41675
FortiOS & FortiProxy - Webproxy process denial of service
Fortinet FortiProxy>=7.0.0<=7.0.8
Fortinet FortiProxy=7.2.0
Fortinet FortiProxy=7.2.1
Fortinet FortiProxy=7.2.2
Fortinet FortiOS>=7.0.0<=7.0.10
Fortinet FortiOS>=7.2.0<=7.2.4
CVE-2023-41841
FortiOS - Improper authorization via prof-admin profile
Fortinet FortiOS>=7.0.0<=7.0.11
Fortinet FortiOS>=7.2.0<=7.2.4
Fortinet FortiOS>=7.2.0<=7.2.4
Fortinet FortiOS>=7.0.0<=7.0.11
CVE-2023-36555
FortiOS - HTML injection in SAML and Security Fabric components
Fortinet FortiOS>=7.2.0<=7.2.4
Fortinet FortiOS>=7.2.0<=7.2.5
CVE-2023-44487
- Rapid Reset HTTP/2 vulnerability
Microsoft Windows 11=21H2
Microsoft Windows 11=21H2
Microsoft Windows Server 2022
Microsoft Windows Server 2022
Microsoft Windows 11=22H2
Microsoft Windows 11=22H2
and 568 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203