fortinet
1,136 tracked vulnerabilities.
CVE-2022-40675
MEDIUM
Fortinet FortiNAC 8.3.7-9.4.1 - Cryptographic Issues
Feb 16, 2023
CVSS 6.5
EPSS 0.00
CVE-2022-39954
HIGH
FortiNAC 8.3.7-9.4.1 - XML External Entity Injection via Crafted XML Documents
Feb 16, 2023
CVSS 7.3
EPSS 0.01
CVE-2022-39952
CRITICAL
NUCLEI
Fortinet FortiNAC keyUpload.jsp arbitrary file write
Feb 16, 2023
CVSS 9.8
EPSS 1.00
CVE-2022-39948
MEDIUM
FortiOS 6.0.0-7.0.7 and FortiProxy 1.2.0-2.0.8 - Unauthenticated Man-in-the-Middle via Improper Certificate Validation
Feb 16, 2023
CVSS 4.8
EPSS 0.00
CVE-2022-38378
MEDIUM
Fortinet FortiOS <7.2.0-7.0.7 - Privilege Escalation
Feb 16, 2023
CVSS 4.2
EPSS 0.00
CVE-2022-38376
MEDIUM
Fortinet FortiNAC < 9.4.1 - Cross-Site Scripting via Crafted HTTP Requests
Feb 16, 2023
CVSS 6.1
EPSS 0.01
CVE-2022-38375
CRITICAL
Fortinet FortiNAC <9.4.1 - Auth Bypass
Feb 16, 2023
CVSS 9.1
EPSS 0.01
CVE-2022-33871
MEDIUM
FortiWeb <=7.0.1/6.4/6.3.19 Authenticated Stack Overflow via CLI Backup
Feb 16, 2023
CVSS 6.6
EPSS 0.01
CVE-2022-33869
HIGH
FortiWAN <4.5.9 - Command Injection
Feb 16, 2023
CVSS 8.8
EPSS 0.01
CVE-2022-30306
MEDIUM
FortiWeb 6.3.6-6.3.19, 6.4, <=7.0.1 - Authenticated Stack-based Buffer Overflow via CA Sign Password
Feb 16, 2023
CVSS 6.6
EPSS 0.01
CVE-2022-30304
MEDIUM
FortiAnalyzer < 7.2.1, < 7.0.4, < 6.4.8 - Stored XSS via FortiWeb Attack Event Logview URL
Feb 16, 2023
CVSS 4.3
EPSS 0.01
CVE-2022-30303
HIGH
FortiWeb 6.3.0-6.3.19, 6.4, 7.0.0-7.0.1 - Authenticated OS Command Injection via Crafted HTTP Requests
Feb 16, 2023
CVSS 8.8
EPSS 0.03
CVE-2022-30300
MEDIUM
FortiWeb 6.3.6-6.3.18, 7.0.0-7.0.1 - Authenticated Path Traversal via HTTP GET Request
Feb 16, 2023
CVSS 6.5
EPSS 0.01
CVE-2022-30299
MEDIUM
FortiWeb 6.0.0-6.0.7, 6.1-6.3.19, 6.4, 7.0.0-7.0.1 - Authenticated Path Traversal via API
Feb 16, 2023
CVSS 5.3
EPSS 0.00
CVE-2022-29054
LOW
Fortinet FortiOS <7.2.0 - Info Disclosure
Feb 16, 2023
CVSS 3.3
EPSS 0.00
CVE-2022-27489
HIGH
FortiExtender 7.0.0-7.0.3, 5.3.2, 4.2.4 and below - OS Command Injection via Crafted HTTP Requests
Feb 16, 2023
CVSS 7.2
EPSS 0.01
CVE-2022-27482
HIGH
FortiADC 5.x.x-7.0.1 - OS Command Injection via CLI Commands
Feb 16, 2023
CVSS 7.8
EPSS 0.01
CVE-2022-26115
MEDIUM
FortiSandbox <4.2.0 - Info Disclosure
Feb 16, 2023
CVSS 5.9
EPSS 0.00
CVE-2022-45857
MEDIUM
FortiManager <6.4.6 - Privilege Escalation
Jan 05, 2023
CVSS 6.5
EPSS 0.00
CVE-2022-42471
MEDIUM
FortiWeb 6.3.6-6.3.20, 6.4.0-6.4.2, 7.0.0-7.0.2 - Authenticated HTTP Response Splitting
Jan 03, 2023
CVSS 5.4
EPSS 0.00
CVE-2022-41336
MEDIUM
FortiPortal 5.0.0-5.0.2 and 6.0.0-6.0.11 - Authenticated Stored Cross-Site Scripting via Column Index Parameter
Jan 03, 2023
CVSS 6.8
EPSS 0.01
CVE-2022-39947
HIGH
FortiADC OS Command Injection via Crafted HTTP Requests
Jan 03, 2023
CVSS 8.8
EPSS 0.03
CVE-2022-35845
HIGH
FortiTester <4.2.0 - Command Injection
Jan 03, 2023
CVSS 7.8
EPSS 0.01
CVE-2022-42475
CRITICAL
KEVNUCLEI
FortiOS 5.0.0-5.0.13 and FortiProxy 1.0.0-1.0.6 - Heap-Based Buffer Overflow via SSL-VPN Requests
Jan 02, 2023
CVSS 9.8
EPSS 0.99
CVE-2022-40680
MEDIUM
FortiOS 6.0.7-6.0.15, 6.2.2-6.2.12, 6.4.0-6.4.9, 7.0.0-7.0.3 - Stored Cross-Site Scripting via Replacement Messages
Dec 06, 2022
CVSS 4.0
EPSS 0.00
Products
fortios 271
fortiweb 124
fortiproxy 121
fortimanager 112
fortianalyzer 92
forticlient 85
fortisandbox 59
FortiOS 47
fortimail 46
fortiportal 45
fortiadc 43
fortisoar 31
fortinac 30
fortisiem 30
FortiProxy 29
fortimanager_cloud 27
fortipam 26
fortivoice 24
fortiauthenticator 23
fortiwlm 23
fortiswitchmanager 19
fortinet_antivirus 18
fortianalyzer_cloud 17
FortiPAM 16
fortitester 16
fortiwan 16
fortimanager_firmware 15
fortiswitch 14
fortiwlc 14
fortianalyzer_big_data 13
Quick Filters