Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / fortinet

fortinet

1,122 tracked vulnerabilities.

CVE-2023-29177 MEDIUM

FortiADC < 7.1.2 and FortiDDoS-F < 6.4.1 - Authenticated Remote Code Execution via CLI Requests

CVE-2023-25603 MEDIUM

FortiADC 7.1.0-7.1.1 and FortiDDoS-F 6.3.0-6.3.4, 6.4.0-6.4.1 - Permissive Cross-domain Policy with Untrusted Domains

CVE-2023-45585 LOW

FortiSIEM <=7.0.0 - Authenticated Sensitive Information Disclosure in Debug Log Files

CVE-2023-45582 MEDIUM

FortiMail 6.2.0-6.2.8, 7.0.0-7.0.6, 7.2.0-7.2.4 - Unauthenticated Brute Force Attack via Repeated Login Attempts

CVE-2023-44248 MEDIUM

FortiEDRCollectorWindows <= 5.2.0.4549, <= 5.0.3.1007, 4.0 - Local Denial of Service via Registry Key Tampering

CVE-2023-42783 HIGH

Fortinet FortiWLM 8.2.2-8.6.5 - Relative Path Traversal via Crafted HTTP Requests

CVE-2023-41840 HIGH

FortiClientWindows 7.0.9 - DLL Hijack via OpenSSL Engine Library Search Path

CVE-2023-41676 MEDIUM

FortiSIEM < 6.7.5 and 7.0.0 - Unauthenticated Sensitive Information Exposure via Windows Agent Logs

CVE-2023-36641 MEDIUM

FortiProxy & FortiOS DoS via Crafted HTTP Requests

CVE-2023-36633 MEDIUM

FortiMail <7.2.2, >7.0.4 - Auth Bypass

CVE-2023-36553 CRITICAL

Fortinet FortiSIEM <5.4.0-5.0.1 - Command Injection

CVE-2023-34991 CRITICAL

FortiWLM 8.2.2-8.6.5 - SQL Injection via Crafted HTTP Request

CVE-2023-33304 MEDIUM

Fortinet FortiClient <7.0.10, >7.2.1 - Info Disclosure

CVE-2023-28002 MEDIUM

FortiOS <7.2.3, <7.0.12, all 6.x - Code Injection

CVE-2023-26205 HIGH

FortiADC <7.1.2 - Privilege Escalation

CVE-2023-44256 MEDIUM

FortiAnalyzer/FortiManager SSRF via Crafted HTTP Request

CVE-2023-41843 HIGH

FortiSandbox 2.4.1-4.4.1 - Cross-Site Scripting via Crafted HTTP Requests

CVE-2023-41836 LOW

FortiSandbox 3.0.4-3.0.7, 3.1, 3.2, 4.0, 4.2.1-4.2.4, 4.4.0 - Cross-Site Scripting via Crafted HTTP Requests

CVE-2023-41682 HIGH

FortiSandbox 2.4-4.4.0 - Path Traversal and Denial of Service via Crafted HTTP Requests

CVE-2023-41681 HIGH

FortiSandbox 2.4.1-4.4.1 - Cross-Site Scripting via Crafted HTTP Requests

CVE-2023-41680 HIGH

FortiSandbox 2.4.1-4.4.1 - Cross-Site Scripting via Crafted HTTP Requests

CVE-2023-33303 HIGH

Fortinet FortiEDR 5.0.0-5.0.1 - Insufficient Session Expiration via API Request

CVE-2023-44249 MEDIUM

FortiAnalyzer and FortiManager < 7.2.3 - Authorization Bypass via Crafted HTTP Requests

CVE-2023-42788 HIGH

FortiAnalyzer/FortiManager OS Command Injection via CLI Arguments

CVE-2023-42787 MEDIUM

Fortinet FortiManager <7.2.3, FortiAnalyzer <7.2.3 - RCE

Previous Page 18 of 45 Next

Products

fortios 267 fortiweb 124 fortiproxy 117 fortimanager 112 fortianalyzer 92 forticlient 85 fortisandbox 58 fortimail 46 fortiportal 44 fortiadc 43 fortisoar 31 fortinac 30 fortisiem 29 fortimanager_cloud 27 fortipam 25 fortivoice 24 fortiauthenticator 23 fortiwlm 23 fortiswitchmanager 19 fortinet_antivirus 18 fortianalyzer_cloud 17 fortitester 16 fortiwan 16 fortimanager_firmware 15 fortiswitch 14 fortiwlc 14 FortiOS 13 fortianalyzer_big_data 13 forticlientems 13 fortianalyzer_firmware 12

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy