fortinet

1,136 tracked vulnerabilities.

CVE-2022-23438 MEDIUM
FortiOS < 6.4.9 - Unauthenticated Reflected Cross-Site Scripting in Captive Portal Authentication Page
Jul 18, 2022
CVSS 4.7
EPSS 0.01
CVE-2022-22304 MEDIUM
FortiAuthenticator OWA Agent 2.1-2.2 - Unauthenticated XSS via HTTP GET
Jul 18, 2022
CVSS 6.1
EPSS 0.00
CVE-2022-22306 MEDIUM
FortiOS 6.0.0-6.0.14, 6.2.0-6.2.10, 6.4.0-6.4.8, 7.0.0 - MITM via Improper Certificate Validation
May 24, 2022
CVSS 5.4
EPSS 0.00
CVE-2022-26116 HIGH
FortiNAC <= 8.3.7, 8.5.2, 8.5.4, 8.6.0, <= 8.6.5, <= 8.7.6, <= 8.8.11, <= 9.1.5, <= 9.2.2 - Authenticated SQL Injection
May 11, 2022
CVSS 7.2
EPSS 0.01
CVE-2022-23443 HIGH
Fortinet FortiSOAR <7.2.0 - Info Disclosure
May 04, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-23440 HIGH
FortiEDR 4.0.0-5.0.2 - Use of Hard-coded Cryptographic Key in Registration Mechanism
Apr 06, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-23446 MEDIUM
Fortinet FortiEDR <= 5.0.3 - Denial of Service via Root Directory Permission Change
Apr 06, 2022
CVSS 4.4
EPSS 0.00
CVE-2022-23441 CRITICAL
FortiEDR 4.0.0, 5.0.0-5.0.2 - Unauthenticated Message Forgery via Hard-coded Cryptographic Key
Apr 06, 2022
CVSS 9.1
EPSS 0.01
CVE-2022-22303 LOW
FortiManager <7.0.2-6.2.9 - Info Disclosure
Mar 02, 2022
CVSS 2.8
EPSS 0.00
CVE-2022-22301 HIGH
FortiAP-C <5.4.3, <5.2.1 - Command Injection
Mar 02, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-22300 MEDIUM
Fortinet FortiAnalyzer/FortiManager <7.0.3 - Privilege Escalation
Mar 01, 2022
CVSS 4.3
EPSS 0.01
CVE-2021-24008 MEDIUM
FortiMail < 6.0.10, FortiDDoS < 5.4.3, FortiVoice < 6.0.7, FortiRecorder < 6.0.4 - Sensitive Info Exposure
Mar 28, 2025
CVSS 5.3
EPSS 0.00
CVE-2021-26105 MEDIUM
FortiSandbox <= 3.1.4 and <= 3.2.2 - Authenticated Stack-Based Buffer Overflow via Profile Parser
Mar 24, 2025
CVSS 6.8
EPSS 0.00
CVE-2021-26091 HIGH
FortiMail <6.4.4/<6.2.7 - Info Disclosure
Mar 24, 2025
CVSS 7.5
EPSS 0.00
CVE-2021-32584 MEDIUM
FortiWLC <=8.6.0 Unauthenticated Improper Access Control via Web Management CGI
Mar 17, 2025
CVSS 5.3
EPSS 0.01
CVE-2021-26087 MEDIUM
FortiWLC <= 8.6.0, <= 8.5.3, <= 8.4.8, <= 8.3.3 - Stored Cross-Site Scripting via Web Interface
Mar 17, 2025
CVSS 4.3
EPSS 0.00
CVE-2021-22126 MEDIUM
FortiWLC 8.2.6-8.2.7, 8.3.2-8.3.3, <=8.4.8, <=8.5.2 - Authenticated Hard-Coded Password Use
Mar 17, 2025
CVSS 6.7
EPSS 0.00
CVE-2021-26102 CRITICAL
FortiWAN 4.4.0-4.5.7 - Unauthenticated Path Traversal via Crafted POST Request
Dec 19, 2024
CVSS 9.8
EPSS 0.16
CVE-2021-32589 HIGH
FortiAnalyzer and FortiManager - Use-After-Free via fgfm Port Request
Dec 19, 2024
CVSS 8.1
EPSS 0.09
CVE-2021-26115 HIGH
FortiWAN < 4.5.8 - Authenticated Privilege Escalation via Command Line Interface Command Injection
Dec 19, 2024
CVSS 7.8
EPSS 0.01
CVE-2021-26093 HIGH
FortiWLC <8.6.0 - Memory Corruption
Dec 19, 2024
CVSS 7.3
EPSS 0.00
CVE-2021-44172 MEDIUM
FortiClientEMS 6.2.0-6.2.8, 6.4.x, 7.0.0-7.0.4, 7.0.6-7.0.7 - Sensitive Information Exposure via Management Interface
Sep 13, 2023
CVSS 4.3
EPSS 0.01
CVE-2021-43072 MEDIUM
Fortinet FortiAnalyzer <7.0.2 - Buffer Overflow
Jul 18, 2023
CVSS 6.7
EPSS 0.00
CVE-2021-43074 MEDIUM
FortiProxy < 2.0.8 - Improper Verification of Cryptographic Signature
Feb 16, 2023
CVSS 4.3
EPSS 0.00
CVE-2021-42761 CRITICAL
FortiWeb 5.9.0-5.9.1, 6.0.0-6.0.7, 6.1.0-6.1.2, 6.2.0-6.2.6, 6.3.0-6.3.16, 6.4 - Unauthenticated Session Fixation
Feb 16, 2023
CVSS 9.0
EPSS 0.01