Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / fortinet

fortinet

1,122 tracked vulnerabilities.

CVE-2024-40586 MEDIUM

FortiClient <7.4.0 - Privilege Escalation

CVE-2024-40584 HIGH

Fortinet FortiAnalyzer <7.4.3 - OS Command Injection

CVE-2024-36508 MEDIUM

Fortinet FortiManager <7.4.2, FortiAnalyzer <7.2.5 - Path Traversal

CVE-2024-35279 HIGH

FortiOS 7.2.4-7.2.8 and 7.4.0-7.4.4 - Unauthenticated Remote Code Execution via CAPWAP UDP Packet

CVE-2024-33504 MEDIUM

FortiManager <7.6.1 - Memory Corruption

CVE-2024-27781 HIGH

Fortinet FortiSandbox 3.0.0-4.0.4, 4.2.1-4.2.6, 4.4.0-4.4.4 - Cross-Site Scripting

CVE-2024-27780 LOW

FortiSIEM 6.7.0-6.7.8, 7.0, 7.1 - Authenticated Cross-Site Scripting via Crafted HTTP Requests

CVE-2024-50563 HIGH

Fortinet FortiManager/FortiAnalyzer <7.6.1/7.4.3 - RCE

CVE-2024-48885 MEDIUM

Fortinet FortiRecorder 7.0.0-7.0.4, 7.2.0-7.2.1; FortiVoice 6.0-6.4.9, 7.0.0-7.0.4; FortiWeb 6.4-7.6.0 - Path Traversal

CVE-2024-45331 HIGH

Fortinet FortiAnalyzer <7.4.3 - Privilege Escalation

CVE-2024-35280 MEDIUM

Fortinet FortiDeceptor 3.0-5.3.0 - Reflected Cross-Site Scripting in Recovery Endpoints

CVE-2024-56497 MEDIUM

Fortinet FortiMail <7.2.4 - Command Injection

CVE-2024-55593 LOW

FortiWeb 6.3.17-7.6.1 - SQL Injection

CVE-2024-55591 CRITICAL KEVNUCLEI

FortiProxy 7.0.0-7.0.19 and 7.2.0-7.2.12 - Authentication Bypass via Node.js Websocket Module

CVE-2024-54021 MEDIUM

FortiOS 7.2.0-7.6.0 and FortiProxy 7.2.0-7.4.5 - Unauthenticated HTTP Response Splitting via Crafted Headers

CVE-2024-52969 MEDIUM

FortiSIEM < 7.1.7 - Authenticated SQL Injection via Update/Create Case Feature

CVE-2024-52967 LOW

FortiPortal 6.0.0-6.0.14 - Cross-Site Scripting via HTML Injection

CVE-2024-52963 LOW

Fortinet FortiOS 6.4.0-6.4.15, 7.0.0-7.0.16, 7.2.0-7.2.10, 7.4.0-7.4.6, 7.6.0 - Out-of-bounds Write via Crafted Packets

CVE-2024-50566 HIGH

FortiManager 7.2.1-7.2.8 and FortiManager Cloud 7.2.2-7.2.7 - Authenticated OS Command Injection via FGFM Request

CVE-2024-50564 LOW

Fortinet FortiClientWindows <7.4.0 - Info Disclosure

CVE-2024-48893 MEDIUM

FortiSOAR 7.2.1-7.2.2, 7.3.0-7.3.3 - Authenticated Stored Cross-Site Scripting via Malicious Playbook

CVE-2024-48890 MEDIUM

FortiSOAR IMAP Connector < 3.5.8 - Authenticated OS Command Injection via Crafted Playbook

CVE-2024-48886 CRITICAL

Fortinet FortiOS/FortiProxy/FortiManager/FortiAnalyzer Cloud Weak Authentication Brute-Force

CVE-2024-48884 HIGH

Fortinet FortiManager 7.4.1-7.4.3, FortiOS 6.4.0-6.4.15 - Path Traversal & Arbitrary File Write

CVE-2024-47572 CRITICAL

Fortinet FortiSOAR <7.4.1 - Code Injection

Previous Page 10 of 45 Next

Products

fortios 267 fortiweb 124 fortiproxy 117 fortimanager 112 fortianalyzer 92 forticlient 85 fortisandbox 58 fortimail 46 fortiportal 44 fortiadc 43 fortisoar 31 fortinac 30 fortisiem 29 fortimanager_cloud 27 fortipam 25 fortivoice 24 fortiauthenticator 23 fortiwlm 23 fortiswitchmanager 19 fortinet_antivirus 18 fortianalyzer_cloud 17 fortitester 16 fortiwan 16 fortimanager_firmware 15 fortiswitch 14 fortiwlc 14 FortiOS 13 fortianalyzer_big_data 13 forticlientems 13 fortianalyzer_firmware 12

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy