📦 Fortivoice

This SQL injection vulnerability in Fortinet FortiVoice allows authenticated privileged attackers to execute unauthorized SQL commands via crafted requests. Affected versions include FortiVoice 7.2.0-...

This SQL injection vulnerability in Fortinet FortiVoice allows authenticated attackers to execute arbitrary SQL commands via crafted HTTP/HTTPS requests. Affected systems include FortiVoice versions 7...

Two OS command injection vulnerabilities in Fortinet FortiVoice allow privileged attackers to execute arbitrary commands via crafted HTTP/HTTPS or CLI requests. This affects FortiVoice versions 7.2.0,...

This SQL injection vulnerability in FortiVoice Enterprise allows authenticated attackers to execute arbitrary SQL commands via crafted HTTP/HTTPS requests. Affected systems include FortiVoice Enterpri...

This vulnerability allows authenticated attackers to bypass authorization controls and access other users' SIP configuration data on FortiVoiceEnterprise systems. Attackers can exploit this by craftin...

This CSRF vulnerability allows remote unauthenticated attackers to trick authenticated administrators into executing malicious CLI commands via crafted GET requests. Affected systems include multiple ...

This path traversal vulnerability in Fortinet FortiVoice allows privileged attackers to delete arbitrary files from the underlying filesystem via crafted HTTP/HTTPS requests. Affected systems include ...

This vulnerability allows remote unauthenticated attackers to obtain sensitive software version information from multiple Fortinet products by reading a JavaScript file. This affects FortiDDoS, FortiD...

This vulnerability allows attackers to poison web caches by sending crafted HTTP requests with malicious Host headers to Fortinet devices. Attackers can redirect users to arbitrary malicious servers, ...

This path traversal vulnerability (CWE-22) in multiple Fortinet products allows attackers to escalate privileges by sending specially crafted packets. Affected systems include FortiRecorder, FortiVoic...

This CVE describes an OS command injection vulnerability in Fortinet FortiVoice phone systems. Authenticated privileged attackers can execute arbitrary commands on affected devices via crafted CLI req...