fortinet

1,136 tracked vulnerabilities.

CVE-2021-42756 CRITICAL
FortiWeb <=6.4.x Unauthenticated Remote Code Execution via Crafted HTTP Requests
Feb 16, 2023
CVSS 9.8
EPSS 0.36
CVE-2021-44171 CRITICAL
FortiOS 6.0.0-6.0.14, 6.2.0-6.2.10, 6.4.0-6.4.8, 7.0.0-7.0.3 - OS Command Injection via Diagnostic CLI Commands
Oct 10, 2022
CVSS 9.0
EPSS 0.02
CVE-2021-43080 MEDIUM
FortiOS 6.4.0-6.4.9, 7.0.0-7.0.5, 7.2.0 - Stored XSS via Threat Feed IP Address
Sep 06, 2022
CVSS 4.6
EPSS 0.00
CVE-2021-43076 MEDIUM
FortiADC <6.2.1-5.3.7 - Privilege Escalation
Sep 06, 2022
CVSS 6.3
EPSS 0.00
CVE-2021-41031 HIGH
FortiClient for Windows <7.0.2-6.4.6-6.2.9 - Path Traversal
Jul 18, 2022
CVSS 7.8
EPSS 0.00
CVE-2021-22131 MEDIUM
FortiToken Mobile <= 5.0.3 (Android), <= 5.2.0 (iOS), <= 4.0.3 (Windows) - Improper Certificate Validation
Jul 18, 2022
CVSS 6.4
EPSS 0.00
CVE-2021-44170 MEDIUM
FortiProxy < 1.0.7 and FortiOS < 6.0.14 - Authenticated Stack-Based Buffer Overflow via Command Line Arguments
Jul 18, 2022
CVSS 6.7
EPSS 0.00
CVE-2021-42755 MEDIUM
FortiProxy 7.0.0, < 2.0.7, 1.2.x, 1.1.x, 1.0.x - Unauthenticated Denial of Service via Integer Overflow in dhcpd Daemon
Jul 18, 2022
CVSS 4.3
EPSS 0.00
CVE-2021-43066 HIGH
FortiClientWindows < 6.4.7 - Privilege Escalation via MSI Installer
May 11, 2022
CVSS 8.4
EPSS 0.00
CVE-2021-44167 MEDIUM
FortiClient for Linux <= 7.0.2 - Unauthenticated Sensitive Information Exposure via Symbolic Links
May 11, 2022
CVSS 6.8
EPSS 0.00
CVE-2021-43081 MEDIUM
FortiOS <7.0.3,6.4.8,6.2.10,6.0.14-6.0.0 - XSS
May 11, 2022
CVSS 6.1
EPSS 0.01
CVE-2021-43206 MEDIUM
Fortinet FortiOS <7.0.4 - Info Disclosure
May 04, 2022
CVSS 4.3
EPSS 0.01
CVE-2021-41032 MEDIUM
FortiOS <6.4.8, <7.0.3 - Info Disclosure
May 04, 2022
CVSS 6.3
EPSS 0.01
CVE-2021-41020 HIGH
FortiIsolator <2.3.2 - Privilege Escalation
May 04, 2022
CVSS 8.8
EPSS 0.01
CVE-2021-41026 MEDIUM
FortiWeb <6.4.1-6.3.15 - Path Traversal
Apr 06, 2022
CVSS 6.5
EPSS 0.01
CVE-2021-32585 HIGH
FortiWAN < 4.5.9 - Stored Cross-Site Scripting via Crafted HTTP Requests
Apr 06, 2022
CVSS 7.2
EPSS 0.01
CVE-2021-26116 MEDIUM
FortiAuthenticator < 6.3.1 - Authenticated OS Command Injection via Command Line Interpreter
Apr 06, 2022
CVSS 6.7
EPSS 0.01
CVE-2021-26113 MEDIUM
FortiWAN < 4.5.9 - Use of Password Hash With Insufficient Computational Effort
Apr 06, 2022
CVSS 6.2
EPSS 0.00
CVE-2021-26104 HIGH
FortiAnalyzer 5.6.0-6.0.10 and FortiManager 5.6.0-6.0.10 - Authenticated OS Command Injection via CLI Command Parameters
Apr 06, 2022
CVSS 7.8
EPSS 0.03
CVE-2021-22127 HIGH
FortiClient for Linux < 6.2.9 - Unauthenticated Remote Code Execution via Malicious Network Name
Apr 06, 2022
CVSS 7.1
EPSS 0.00
CVE-2021-44169 HIGH
Fortinet FortiClient <6.0.10, <6.2.9, <6.4.7, <7.0.3 - Privilege Es...
Apr 06, 2022
CVSS 8.2
EPSS 0.00
CVE-2021-43205 MEDIUM
FortiClient for Linux <7.0.2, <6.4.7, <6.2.9 - Info Disclosure
Apr 06, 2022
CVSS 4.3
EPSS 0.01
CVE-2021-32593 MEDIUM
FortiWAN < 4.5.8 - Unauthenticated Use of a Broken or Risky Cryptographic Algorithm in Dynamic Tunnel Protocol
Apr 06, 2022
CVSS 6.5
EPSS 0.01
CVE-2021-26114 CRITICAL
FortiWAN < 4.5.8 - Unauthenticated SQL Injection via HTTP Requests
Apr 06, 2022
CVSS 9.8
EPSS 0.01
CVE-2021-26112 HIGH
FortiWAN < 4.5.8 - Unauthenticated Stack-based Buffer Overflow via Crafted Requests
Apr 06, 2022
CVSS 8.1
EPSS 0.02