📦 FortiADC

by Fortinet



⚠️ Known Vulnerabilities

CVE-2025-49813

HIGH CVSS 7.2 Aug 12, 2025

This CVE describes an OS command injection vulnerability in Fortinet FortiADC that allows authenticated attackers with low privileges to execute arbitrary commands via crafted HTTP parameters. The vul...

CVE-2025-31104

HIGH CVSS 7.2 Jun 10, 2025

This OS command injection vulnerability in FortiADC allows authenticated attackers to execute arbitrary operating system commands via specially crafted HTTP requests. It affects multiple FortiADC vers...

CVE-2023-37933

HIGH CVSS 8.8 Mar 11, 2025

This is a stored cross-site scripting (XSS) vulnerability in FortiADC's web management interface. Authenticated attackers can inject malicious scripts via HTTP/HTTPS requests that execute when adminis...

CVE-2023-50178

HIGH CVSS 7.4 Jul 9, 2024

This CVE describes an improper certificate validation vulnerability in FortiADC that allows remote unauthenticated attackers to perform Man-in-the-Middle attacks. The vulnerability affects communicati...

CVE-2023-41673

HIGH CVSS 7.1 Dec 13, 2023

An improper authorization vulnerability in Fortinet FortiADC allows low-privileged users to read or back up the full system configuration via HTTP/HTTPS requests. This exposes sensitive configuration d...

CVE-2023-25607

HIGH CVSS 7.8 Oct 10, 2023

This CVE describes an OS command injection vulnerability in Fortinet management interfaces that allows authenticated users with READ permissions to execute arbitrary shell commands. The vulnerability ...

CVE-2022-35849

HIGH CVSS 7.8 Sep 13, 2023

This vulnerability allows authenticated attackers to execute arbitrary operating system commands on FortiADC devices by exploiting improper input sanitization in the management interface. Attackers ca...

CVE-2023-26210

HIGH CVSS 7.8 Jun 13, 2023

This CVE describes OS command injection vulnerabilities in Fortinet products that allow local authenticated attackers to execute arbitrary shell commands with root privileges via crafted CLI requests....

CVE-2023-27999

HIGH CVSS 7.8 May 3, 2023

This vulnerability allows authenticated attackers to execute arbitrary operating system commands on FortiADC devices by injecting malicious arguments into legitimate commands. It affects FortiADC vers...

CVE-2022-40679

HIGH CVSS 7.8 Apr 11, 2023

CVE-2022-40679 is an OS command injection vulnerability in multiple Fortinet products that allows authenticated attackers to execute arbitrary commands via crafted arguments. It affects FortiADC ...

CVE-2022-27482

HIGH CVSS 7.8 Feb 16, 2023

This CVE describes an OS command injection vulnerability in Fortinet FortiADC that allows authenticated attackers to execute arbitrary shell commands with root privileges via CLI commands. The vulnera...

CVE-2025-54971

MEDIUM CVSS 4.3 Nov 18, 2025

This vulnerability allows read-only administrators in Fortinet FortiADC to access external resource passwords through system logs. It affects multiple FortiADC versions from 6.2 through 7.4.0. The exp...

CVE-2025-48839

MEDIUM CVSS 6.6 Nov 18, 2025

An authenticated attacker can execute arbitrary code on FortiADC devices by sending specially crafted HTTP requests that trigger an out-of-bounds write vulnerability. This affects FortiADC versions 6....

CVE-2025-59921

MEDIUM CVSS 6.5 Oct 14, 2025

An authenticated attacker can access sensitive information on vulnerable FortiADC devices by sending specially crafted HTTP/HTTPS requests. This affects FortiADC versions 7.4.0, 7.2.3 and below, 7.1.4...

CVE-2022-23439

MEDIUM CVSS 4.7 Jan 22, 2025

This vulnerability allows attackers to poison web caches by sending crafted HTTP requests with malicious Host headers to Fortinet devices. Attackers can redirect users to arbitrary malicious servers, ...

CVE-2023-50181

MEDIUM CVSS 4.9 Jul 9, 2024

An improper access control vulnerability in Fortinet FortiADC allows authenticated read-only users to perform unauthorized write actions via crafted HTTP/HTTPS requests. This affects FortiADC versions...