fortinet
1,122 tracked vulnerabilities.
CVE-2022-27484
MEDIUM
FortiADC 5.0.0-6.2.3 - Authenticated Password Change Bypass via Crafted HTTP Request
Aug 03, 2022
CVSS 5.4
EPSS 0.00
CVE-2022-23442
MEDIUM
FortiOS <7.0.5 - Privilege Escalation
Aug 03, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-30302
MEDIUM
FortiDeceptor <=4.0.1 Authenticated Path Traversal & Arbitrary File Deletion
Jul 19, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-30301
HIGH
FortiAP-U 5.4.0-5.4.6, 6.0.0-6.0.4, 6.2.0-6.2.3 - Authenticated Path Traversal via CLI Commands
Jul 19, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-29060
HIGH
FortiDDoS API <5.5.1 - Code Injection
Jul 19, 2022
CVSS 8.1
EPSS 0.00
CVE-2022-29057
MEDIUM
Fortinet FortiEDR <5.1.0, 5.0.3-4.0.0 - XSS
Jul 19, 2022
CVSS 5.4
EPSS 0.00
CVE-2022-27483
HIGH
FortiAnalyzer/FortiManager OS Command Injection via Diagnose System CLI
Jul 19, 2022
CVSS 7.2
EPSS 0.05
CVE-2022-26113
HIGH
FortiClientWindows <7.0.3-6.4.7-6.2.9-6.0.10 - Privilege Escalation
Jul 19, 2022
CVSS 7.7
EPSS 0.00
CVE-2022-26120
MEDIUM
FortiADC 5.0.0-6.2.2 and 7.0.0-7.0.1 - Authenticated SQL Injection via HTTP Requests
Jul 18, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-26118
MEDIUM
FortiManager & FortiAnalyzer <7.0.4 - Privilege Escalation
Jul 18, 2022
CVSS 6.7
EPSS 0.00
CVE-2022-26117
HIGH
FortiNAC <=9.2.3 Authenticated MySQL Database Access via Empty Password
Jul 18, 2022
CVSS 8.8
EPSS 0.00
CVE-2022-23438
MEDIUM
FortiOS < 6.4.9 - Unauthenticated Reflected Cross-Site Scripting in Captive Portal Authentication Page
Jul 18, 2022
CVSS 4.7
EPSS 0.01
CVE-2022-22304
MEDIUM
FortiAuthenticator OWA Agent 2.1-2.2 - Unauthenticated XSS via HTTP GET
Jul 18, 2022
CVSS 6.1
EPSS 0.02
CVE-2022-22306
MEDIUM
FortiOS 6.0.0-6.0.14, 6.2.0-6.2.10, 6.4.0-6.4.8, 7.0.0 - MITM via Improper Certificate Validation
May 24, 2022
CVSS 5.4
EPSS 0.00
CVE-2022-26116
HIGH
FortiNAC <= 8.3.7, 8.5.2, 8.5.4, 8.6.0, <= 8.6.5, <= 8.7.6, <= 8.8.11, <= 9.1.5, <= 9.2.2 - Authenticated SQL Injection
May 11, 2022
CVSS 7.2
EPSS 0.00
CVE-2022-23443
HIGH
Fortinet FortiSOAR <7.2.0 - Info Disclosure
May 04, 2022
CVSS 7.5
EPSS 0.02
CVE-2022-23440
HIGH
FortiEDR 4.0.0-5.0.2 - Use of Hard-coded Cryptographic Key in Registration Mechanism
Apr 06, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-23446
MEDIUM
Fortinet FortiEDR <= 5.0.3 - Denial of Service via Root Directory Permission Change
Apr 06, 2022
CVSS 4.4
EPSS 0.00
CVE-2022-23441
CRITICAL
FortiEDR 4.0.0, 5.0.0-5.0.2 - Unauthenticated Message Forgery via Hard-coded Cryptographic Key
Apr 06, 2022
CVSS 9.1
EPSS 0.01
CVE-2022-22303
LOW
FortiManager <7.0.2-6.2.9 - Info Disclosure
Mar 02, 2022
CVSS 2.8
EPSS 0.00
CVE-2022-22301
HIGH
FortiAP-C <5.4.3, <5.2.1 - Command Injection
Mar 02, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-22300
MEDIUM
Fortinet FortiAnalyzer/FortiManager <7.0.3 - Privilege Escalation
Mar 01, 2022
CVSS 4.3
EPSS 0.00
CVE-2021-24008
MEDIUM
FortiMail < 6.0.10, FortiDDoS < 5.4.3, FortiVoice < 6.0.7, FortiRecorder < 6.0.4 - Sensitive Info Exposure
Mar 28, 2025
CVSS 5.3
EPSS 0.00
CVE-2021-26105
MEDIUM
FortiSandbox <= 3.1.4 and <= 3.2.2 - Authenticated Stack-Based Buffer Overflow via Profile Parser
Mar 24, 2025
CVSS 6.8
EPSS 0.00
CVE-2021-26091
HIGH
FortiMail <6.4.4/<6.2.7 - Info Disclosure
Mar 24, 2025
CVSS 7.5
EPSS 0.00
Products
fortios 267
fortiweb 124
fortiproxy 117
fortimanager 112
fortianalyzer 92
forticlient 85
fortisandbox 58
fortimail 46
fortiportal 44
fortiadc 43
fortisoar 31
fortinac 30
fortisiem 29
fortimanager_cloud 27
fortipam 25
fortivoice 24
fortiauthenticator 23
fortiwlm 23
fortiswitchmanager 19
fortinet_antivirus 18
fortianalyzer_cloud 17
fortitester 16
fortiwan 16
fortimanager_firmware 15
fortiswitch 14
fortiwlc 14
FortiOS 13
fortianalyzer_big_data 13
forticlientems 13
fortianalyzer_firmware 12
Quick Filters