📦 FortiOS
by Fortinet
🔍 What is FortiOS?
Description coming soon...
🛡️ Security Overview
⚠️ Known Vulnerabilities
This authentication bypass vulnerability allows attackers with a FortiCloud account and registered device to log into other organizations' Fortinet devices when FortiCloud SSO authentication is enable...
This vulnerability allows attackers who know an existing admin account name to bypass authentication and gain full administrative access to affected Fortinet devices. It affects FortiProxy, FortiSwitc...
This critical vulnerability allows remote unauthenticated attackers to execute arbitrary code or commands on affected Fortinet devices via crafted requests to the administrative interface. It affects ...
This vulnerability allows remote attackers to bypass authentication and gain super-admin privileges on affected Fortinet devices by sending crafted requests to the Node.js websocket module. It affects...
This vulnerability allows attackers to bypass weak authentication mechanisms in multiple Fortinet products via brute-force attacks, potentially leading to unauthorized command execution. Affected syst...
This critical vulnerability allows remote attackers to execute arbitrary code or commands on affected Fortinet devices via specially crafted HTTP requests. It affects FortiOS and FortiProxy across mul...
This critical vulnerability allows remote attackers to execute arbitrary code or commands on affected Fortinet devices by sending specially crafted packets that exploit a format string vulnerability. ...
This critical vulnerability allows remote attackers to execute arbitrary code or commands on affected Fortinet devices via specially crafted requests. An out-of-bounds write in FortiOS and FortiProxy ...
A critical stack-based buffer overflow vulnerability in Fortinet FortiOS and FortiProxy allows remote unauthenticated attackers to execute arbitrary code via specially crafted packets. This affects sy...
A heap-based buffer overflow vulnerability in Fortinet's SSL-VPN implementation allows remote attackers to execute arbitrary code via crafted requests. This affects FortiOS versions 7.2.4 and below, 7...
This vulnerability allows unauthenticated attackers to bypass LDAP authentication for Agentless VPN or FSSO policies in Fortinet FortiOS when the remote LDAP server is configured in a specific way. It...
A heap-based buffer overflow vulnerability in multiple Fortinet products allows attackers to execute arbitrary code or commands via specially crafted packets. This affects FortiOS versions 6.4.0-6.4.1...
A stack-based buffer overflow vulnerability in Fortinet FortiOS and FortiSASE allows attackers to execute arbitrary code via specially crafted packets. This affects multiple FortiOS versions from 6.0 ...
A stack-based buffer overflow vulnerability in Fortinet FortiOS allows attackers to execute arbitrary code via specially crafted packets. This affects FortiOS versions 7.6.0-7.6.3, 7.4.0-7.4.8, and al...
A heap-based buffer overflow vulnerability in Fortinet's FortiOS, FortiPAM, and FortiProxy allows authenticated users to execute arbitrary code via crafted RDP bookmark connection requests. This affec...
This vulnerability allows local authenticated attackers on affected FortiOS versions to execute arbitrary system commands through specially crafted CLI commands. The flaw stems from incorrect function...
This vulnerability allows man-in-the-middle attackers to intercept and tamper with connections to Fortinet's ZTNA proxy by exploiting improper certificate validation. It affects FortiProxy and FortiOS...
A privilege escalation vulnerability in FortiOS Security Fabric allows remote authenticated attackers with high privileges to gain super-admin access by registering the device to a malicious FortiMana...
This CVE describes an authentication bypass vulnerability in Fortinet FortiOS, FortiProxy, and FortiPAM products that allows unauthenticated attackers to take control of managed devices. Attackers can...
This CVE describes memory corruption vulnerabilities in Fortinet VPN products that could allow authenticated VPN users to execute arbitrary code or commands. The vulnerabilities stem from uninitialize...
This vulnerability allows remote unauthenticated attackers to perform cross-site scripting (XSS) attacks through the SSL VPN web interface in affected Fortinet products. Attackers can inject malicious...
A format string vulnerability in multiple Fortinet products allows privileged attackers to execute arbitrary code via crafted HTTP/HTTPS requests. This affects FortiOS, FortiProxy, FortiPAM, FortiSRA,...
This authentication bypass vulnerability in FortiOS and FortiProxy allows remote unauthenticated attackers to gain super-admin privileges on downstream devices when Security Fabric is enabled. Attacke...
A stack-based buffer overflow vulnerability in Fortinet FortiOS allows remote unauthenticated attackers to execute arbitrary code via crafted UDP packets through CAPWAP control. This affects FortiOS v...
This vulnerability allows authenticated administrators with Security Fabric permission to escalate their privileges to super-admin by connecting their FortiGate device to a malicious upstream FortiGat...
An out-of-bounds read vulnerability in FortiOS IPsec IKE service allows unauthenticated remote attackers to trigger memory consumption leading to denial of service via crafted requests. Affected syste...
This CVE describes a resource exhaustion vulnerability in FortiOS where an unauthenticated remote attacker can cause a denial-of-service by uploading multiple large files, consuming all available syst...
This session fixation vulnerability in Fortinet FortiOS allows attackers to hijack user sessions via phishing SAML authentication links. Attackers can execute unauthorized code or commands on affected...
This CVE describes a stack-based buffer overflow vulnerability in Fortinet FortiOS that allows attackers to execute arbitrary code or commands via specially crafted commands. It affects multiple Forti...
A stack-based buffer overflow vulnerability in Fortinet FortiOS allows authenticated administrative users to execute arbitrary code or commands via crafted HTTP/HTTPS requests. This affects FortiOS ve...
This vulnerability involves insufficiently protected credentials in Fortinet FortiProxy and FortiOS, allowing attackers to execute unauthorized code or commands via social engineering attacks. Affecte...
This CVE describes an authorization bypass vulnerability in FortiOS and FortiProxy SSL-VPN that allows authenticated attackers to access other users' bookmarks through URL manipulation. Attackers can ...
This vulnerability allows a read-only user to escalate privileges to read-write access through successive login attempts in FortiOS when configured with FortiAuthenticator in HA mode. It affects Forti...
A null pointer dereference vulnerability in Fortinet FortiOS and FortiProxy allows attackers to cause denial of service via specially crafted HTTP requests. This affects multiple versions of both prod...
This vulnerability allows authenticated attackers in Fortinet FortiOS and FortiProxy HA clusters to perform elevated actions through crafted HTTP/HTTPS requests. It affects organizations running vulne...
This cross-site scripting (XSS) vulnerability in Fortinet's FortiProxy and FortiOS web management interfaces allows authenticated attackers to inject and execute malicious JavaScript code via crafted ...
This vulnerability allows authenticated attackers with readonly superadmin privileges in Fortinet FortiOS and FortiProxy to intercept cleartext traffic and obtain other administrators' session cookies...
This CVE describes an out-of-bounds write vulnerability in multiple Fortinet products that allows authenticated attackers to execute arbitrary code or commands via crafted requests. Affected systems i...
This vulnerability allows unauthenticated attackers to execute cross-site scripting (XSS) attacks against Fortinet FortiOS and FortiProxy devices via crafted HTTP GET requests. Attackers can inject ma...
CVE-2022-41335 is a relative path traversal vulnerability in Fortinet products that allows authenticated attackers to read and write arbitrary files on the underlying Linux system via crafted HTT...
This vulnerability involves hard-coded cryptographic keys in FortiOS SSLVPN that could be extracted through reverse engineering. Attackers could potentially decrypt VPN traffic or impersonate legitima...
This vulnerability allows unauthenticated attackers to perform path traversal attacks on FortiOS and FortiProxy login pages, potentially exposing sensitive server information. Attackers can inject pat...
This vulnerability allows authenticated low-privileged attackers to escalate their privileges to super_admin on affected Fortinet devices. Attackers can exploit improper access control in the autod da...
This CVE describes a format string vulnerability in Fortinet FortiOS that allows authenticated administrators to execute arbitrary code or commands via specially crafted configuration inputs. The vuln...
This HTTP request smuggling vulnerability in Fortinet FortiOS allows unauthenticated attackers to bypass firewall policies by sending specially crafted HTTP headers. Affected systems include FortiOS v...
This vulnerability allows authenticated administrators on affected Fortinet devices to retrieve certificate private keys via the admin shell. This affects FortiAnalyzer, FortiManager, FortiOS, and For...
This CVE describes an insufficient session expiration vulnerability in Fortinet FortiOS where active SSLVPN sessions are not terminated after a user's password change under specific conditions. This a...
This vulnerability allows read-only administrators to retrieve API tokens of other administrators by examining REST API logs when REST API logging is enabled. This affects Fortinet's FortiOS, FortiPro...
An authenticated attacker can access static files from other VDOMs (Virtual Domains) in affected Fortinet products by sending specially crafted HTTP/HTTPS requests. This improper authorization vulnera...
This vulnerability allows unauthenticated attackers to perform reflected cross-site scripting (XSS) attacks against Fortinet FortiOS, FortiProxy, and FortiSASE products via crafted HTTP requests. Atta...
This vulnerability allows attackers with access to SAML session records to re-open terminated sessions, potentially regaining access to FortiOS SSL VPN. Affected systems include FortiOS SSL VPN versio...
This vulnerability allows an unauthenticated attacker to repeatedly reset the fgfm connection via crafted SSL encrypted TCP requests, causing denial of service. Affected systems include FortiOS, Forti...
This CVE describes a stack-based buffer overflow vulnerability in Fortinet FortiOS that allows attackers to execute arbitrary code or commands via specially crafted CLI commands. The vulnerability aff...
This CVE describes an authentication bypass vulnerability in FortiOS and FortiProxy that allows authenticated attackers to elevate privileges via malicious Webhook actions in the Automation Stitch com...
An integer overflow vulnerability in Fortinet SSL-VPN RDP/VNC bookmarks allows authenticated users to craft requests that may crash the SSL-VPN service, causing denial of service. This affects FortiOS...
A double free vulnerability in multiple Fortinet products allows privileged attackers to execute arbitrary code or commands via crafted HTTP/HTTPS requests. This affects FortiOS, FortiPAM, and FortiPr...
A heap-based buffer overflow vulnerability in Fortinet FortiOS allows authenticated attackers to escalate privileges via specially crafted CLI commands. This affects FortiOS versions 7.6.0-7.6.2, 7.4....
This vulnerability allows remote unauthenticated attackers to bypass DNS filtering protections on Fortinet devices when Apple devices are used. It affects FortiOS and FortiProxy across multiple versio...
This vulnerability allows authenticated SSL-VPN users to access full SSL-VPN configuration settings through specially crafted URLs. It affects FortiOS versions 7.6.0, 7.4.7 and below, 7.2.x, 7.0.x, an...
This CVE describes an improper privilege management vulnerability in multiple Fortinet products where authenticated users with read-only admin permissions can escalate to super-admin privileges via cr...
This vulnerability allows attackers who have obtained SSL-VPN session cookies to reuse them even after sessions have expired or been logged out. It affects FortiOS SSL-VPN in multiple versions, potent...
An integer overflow vulnerability in Fortinet FortiOS allows remote unauthenticated attackers to crash the csfd daemon via specially crafted requests. This affects FortiOS versions 7.2.0-7.2.7 and 7.0...
This vulnerability allows an unauthenticated attacker on the same network as a FortiGate firewall to inject malicious scripts via crafted DHCP packets. The attack targets the DHCP monitor page's hostn...
This vulnerability allows authenticated remote attackers to inject malicious scripts into the SSL VPN portal of affected Fortinet devices. When other users access the compromised portal pages, the scr...
This vulnerability allows attackers to poison web caches by sending crafted HTTP requests with malicious Host headers to Fortinet devices. Attackers can redirect users to arbitrary malicious servers, ...
This CVE describes a resource allocation vulnerability in FortiOS that allows remote unauthenticated attackers to send specially crafted requests to specific endpoints, causing denial of service by pr...
A null pointer dereference vulnerability in FortiOS allows attackers to cause denial of service via specially crafted HTTP requests. This affects FortiOS versions 6.0 through 7.4.1 across multiple rel...
This vulnerability allows authenticated IPsec VPN users with dynamic IP addressing to send spoofed packets appearing to come from other VPN users. It affects Fortinet FortiOS versions 7.4.0-7.4.1 and 7.2.6 and ...
A stack-based buffer overflow vulnerability in FortiOS SSL VPN under non-default configurations allows authenticated remote attackers to crash the FortiClient NAC daemon (fcnacd) and potentially execu...
A heap-based buffer overflow vulnerability in FortiGate's SSL VPN daemon allows remote attackers with valid SSL VPN credentials to crash the service by sending a specially crafted Link Control Protoco...
This CVE describes an injection vulnerability in Fortinet's SSL-VPN web user interface that could allow remote unauthenticated attackers to perform phishing attempts. The vulnerability affects FortiOS...
This vulnerability allows unauthenticated attackers to execute arbitrary code or commands on affected Fortinet devices by sending specially crafted packets. It affects multiple Fortinet products inclu...
This CVE describes an improper access control vulnerability in FortiOS that allows an attacker with existing write access to the system to bypass file integrity checking. The vulnerability affects mul...
This CVE describes an improper privilege management vulnerability in multiple Fortinet products that allows authenticated administrators to bypass trusted host policies via crafted CLI commands. The v...