fortinet

1,122 tracked vulnerabilities.

CVE-2021-41026 MEDIUM
FortiWeb <6.4.1-6.3.15 - Path Traversal
Apr 06, 2022
CVSS 6.5
EPSS 0.01
CVE-2021-32585 HIGH
FortiWAN < 4.5.9 - Stored Cross-Site Scripting via Crafted HTTP Requests
Apr 06, 2022
CVSS 7.2
EPSS 0.00
CVE-2021-26116 MEDIUM
FortiAuthenticator < 6.3.1 - Authenticated OS Command Injection via Command Line Interpreter
Apr 06, 2022
CVSS 6.7
EPSS 0.00
CVE-2021-26113 MEDIUM
FortiWAN < 4.5.9 - Use of Password Hash With Insufficient Computational Effort
Apr 06, 2022
CVSS 6.2
EPSS 0.00
CVE-2021-26104 HIGH
FortiAnalyzer 5.6.0-6.0.10 and FortiManager 5.6.0-6.0.10 - Authenticated OS Command Injection via CLI Command Parameters
Apr 06, 2022
CVSS 7.8
EPSS 0.01
CVE-2021-22127 HIGH
FortiClient for Linux < 6.2.9 - Unauthenticated Remote Code Execution via Malicious Network Name
Apr 06, 2022
CVSS 7.1
EPSS 0.00
CVE-2021-44169 HIGH
Fortinet FortiClient <6.0.10, <6.2.9, <6.4.7, <7.0.3 - Privilege Es...
Apr 06, 2022
CVSS 8.2
EPSS 0.00
CVE-2021-43205 MEDIUM
FortiClient for Linux <7.0.2, <6.4.7, <6.2.9 - Info Disclosure
Apr 06, 2022
CVSS 4.3
EPSS 0.01
CVE-2021-32593 MEDIUM
FortiWAN < 4.5.8 - Unauthenticated Use of a Broken or Risky Cryptographic Algorithm in Dynamic Tunnel Protocol
Apr 06, 2022
CVSS 6.5
EPSS 0.00
CVE-2021-26114 CRITICAL
FortiWAN < 4.5.8 - Unauthenticated SQL Injection via HTTP Requests
Apr 06, 2022
CVSS 9.8
EPSS 0.01
CVE-2021-26112 HIGH
FortiWAN < 4.5.8 - Unauthenticated Stack-based Buffer Overflow via Crafted Requests
Apr 06, 2022
CVSS 8.1
EPSS 0.01
CVE-2021-24009 HIGH
FortiWAN < 4.5.8 - Authenticated OS Command Injection via Web GUI
Apr 06, 2022
CVSS 7.2
EPSS 0.00
CVE-2021-43070 MEDIUM
FortiWLM <8.6.2-8.3.3 - Path Traversal
Mar 02, 2022
CVSS 5.4
EPSS 0.00
CVE-2021-44166 MEDIUM
FortiToken Mobile <5.1.0 - Privilege Escalation
Mar 02, 2022
CVSS 4.1
EPSS 0.00
CVE-2021-43077 HIGH
Fortinet FortiWLM <8.6.2 - SQL Injection
Mar 01, 2022
CVSS 8.8
EPSS 0.01
CVE-2021-43075 HIGH
Fortinet FortiWLM <8.6.2-<8.5.2-<8.4.2-<8.3.2 - Command Injection
Mar 01, 2022
CVSS 8.8
EPSS 0.01
CVE-2021-32586 HIGH
FortiMail < 7.0.1 - Unauthenticated Environment Variable Injection via Web Server CGI
Mar 01, 2022
CVSS 7.7
EPSS 0.00
CVE-2021-36171 HIGH
FortiPortal <6.0.6 - Info Disclosure
Mar 01, 2022
CVSS 8.1
EPSS 0.00
CVE-2021-36166 CRITICAL
FortiMail < 7.0.1 - Authentication Token Brute-Force via System Property Observation
Mar 01, 2022
CVSS 9.8
EPSS 0.01
CVE-2021-26092 MEDIUM
FortiProxy 1.2.0-1.2.9 & FortiOS 5.2.10-5.2.15 - Reflected XSS via Error Page
Feb 24, 2022
CVSS 4.7
EPSS 0.01
CVE-2021-41018 HIGH
Fortinet FortiWeb <6.4.1, <6.3.15 - Command Injection
Feb 02, 2022
CVSS 8.8
EPSS 0.00
CVE-2021-36193 MEDIUM
FortiWeb 5.0.0-6.2.6 - Authenticated Stack-based Buffer Overflow via Command Line Interpreter
Feb 02, 2022
CVSS 6.7
EPSS 0.00
CVE-2021-43073 HIGH
Fortinet FortiWeb <6.4.1 - Command Injection
Feb 02, 2022
CVSS 8.8
EPSS 0.01
CVE-2021-43062 MEDIUM NUCLEI
FortiMail 6.2.0-6.2.7, 6.4.0-6.4.5, 6.3.0-6.3.7, 7.0.0-7.0.1 - XSS via FortiGuard URI Protection
Feb 02, 2022
CVSS 6.1
EPSS 0.57
CVE-2021-42753 HIGH
FortiWeb 5.8.0-6.3.15 - Authenticated Path Traversal and Arbitrary File Deletion
Feb 02, 2022
CVSS 8.1
EPSS 0.01
Products
fortios 267 fortiweb 124 fortiproxy 117 fortimanager 112 fortianalyzer 92 forticlient 85 fortisandbox 58 fortimail 46 fortiportal 44 fortiadc 43 fortisoar 31 fortinac 30 fortisiem 29 fortimanager_cloud 27 fortipam 25 fortivoice 24 fortiauthenticator 23 fortiwlm 23 fortiswitchmanager 19 fortinet_antivirus 18 fortianalyzer_cloud 17 fortitester 16 fortiwan 16 fortimanager_firmware 15 fortiswitch 14 fortiwlc 14 FortiOS 13 fortianalyzer_big_data 13 forticlientems 13 fortianalyzer_firmware 12
Quick Filters
Critical CVEs With Exploits In CISA KEV