📦 FortiNAC

by Fortinet

🛡️ Security Overview

⚠️ Known Vulnerabilities

CVE-2023-33299

CRITICAL CVSS 9.8 Jun 23, 2023

This vulnerability allows remote attackers to execute arbitrary code on Fortinet FortiNAC systems by sending specially crafted requests to the inter-server communication port. Attackers can achieve re...

CVE-2022-39952

CRITICAL CVSS 9.8 Feb 16, 2023

CVE-2022-39952 is a critical path traversal vulnerability in Fortinet FortiNAC that allows unauthenticated attackers to execute arbitrary code or commands via specially crafted HTTP requests. This aff...

CVE-2022-38375

CRITICAL CVSS 9.1 Feb 16, 2023

CVE-2022-38375 is an improper authorization vulnerability in Fortinet FortiNAC that allows unauthenticated attackers to perform administrative operations via crafted HTTP POST requests. This affects F...

CVE-2023-22633

HIGH CVSS 7.5 Jun 13, 2023

This vulnerability allows unauthenticated attackers to perform denial-of-service (DoS) attacks on FortiNAC devices by exploiting improper access controls in client-secure renegotiation. It affects For...

CVE-2022-40676

HIGH CVSS 7.5 Mar 7, 2023

This is a cross-site scripting (XSS) vulnerability in Fortinet FortiNAC network access control solutions. Attackers can inject malicious scripts via crafted HTTP requests, potentially allowing them to...

CVE-2022-40677

HIGH CVSS 7.2 Feb 16, 2023

This vulnerability allows attackers to execute arbitrary commands on Fortinet FortiNAC systems by injecting malicious arguments through input parameters. It affects multiple versions of FortiNAC netwo...

CVE-2023-22638

HIGH CVSS 7.1 Feb 16, 2023

This vulnerability allows authenticated attackers to perform cross-site scripting (XSS) attacks against FortiNAC network access control systems. Attackers can inject malicious scripts via crafted HTTP...

CVE-2022-26117

HIGH CVSS 8.8 Jul 18, 2022

This vulnerability in FortiNAC allows authenticated attackers to access MySQL databases via the CLI when configuration files contain empty passwords. It affects multiple FortiNAC versions across sever...

CVE-2022-26116

HIGH CVSS 7.2 May 11, 2022

This CVE describes SQL injection vulnerabilities in FortiNAC that allow authenticated attackers to execute unauthorized SQL commands via crafted string parameters. It affects multiple FortiNAC version...

CVE-2021-43065

HIGH CVSS 7.8 Dec 9, 2021

This vulnerability in Fortinet FortiNAC allows attackers to gain elevated privileges by accessing sensitive system data due to incorrect permission assignments. It affects FortiNAC versions 9.2.0, 9.1...

CVE-2021-41021

HIGH CVSS 7.8 Dec 8, 2021

This CVE describes a privilege escalation vulnerability in FortiNAC where an authenticated admin user can elevate privileges to root via sudo command misconfiguration. Affected organizations are those...

CVE-2023-33300

MEDIUM CVSS 5.3 Mar 14, 2025

This command injection vulnerability in Fortinet FortiNAC allows attackers to execute arbitrary commands on affected systems via specially crafted requests to the inter-server communication port. Atta...

CVE-2024-31488

MEDIUM CVSS 6.8 May 14, 2024

This vulnerability allows remote authenticated attackers to inject malicious scripts into FortiNAC web pages, enabling stored and reflected cross-site scripting (XSS) attacks. Attackers can execute ar...