Fortinet

FortiOS

260 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2015-1452

  • EPSS 0.98%
  • Veröffentlicht 02.02.2015 16:59:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The Control and Provisioning of Wireless Access Points (CAPWAP) daemon in Fortinet FortiOS 5.0 Patch 7 build 4457 allows remote attackers to cause a denial of service (locked CAPWAP Access Controller) via a large number of ClientHello DTLS messages.

3.5

CVE-2015-1451

Exploit
  • EPSS 0.24%
  • Veröffentlicht 02.02.2015 16:59:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple cross-site scripting (XSS) vulnerabilities in Fortinet FortiOS 5.0 Patch 7 build 4457 allow remote authenticated users to inject arbitrary web script or HTML via the (1) WTP Name or (2) WTP Active Software Version field in a CAPWAP Join requ...

5.4

CVE-2014-0351

  • EPSS 0.07%
  • Veröffentlicht 10.09.2014 18:55:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The FortiManager protocol service in Fortinet FortiOS before 4.3.16 and 5.x before 5.0.8 on FortiGate devices does not prevent use of anonymous ciphersuites, which makes it easier for man-in-the-middle attackers to obtain sensitive information or int...

7.5

CVE-2014-2216

  • EPSS 5.81%
  • Veröffentlicht 25.08.2014 14:55:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The FortiManager protocol service in Fortinet FortiOS before 4.3.16 and 5.0.0 before 5.0.8 on FortiGate devices allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted request.

4.3

CVE-2013-7182

  • EPSS 0.81%
  • Veröffentlicht 04.02.2014 05:39:08
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in firewall/schedule/recurrdlg in Fortinet FortiOS 5.0.5 allows remote attackers to inject arbitrary web script or HTML via the mkey parameter.

5.1

CVE-2013-1414

Exploit
  • EPSS 0.38%
  • Veröffentlicht 08.07.2013 17:55:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Multiple cross-site request forgery (CSRF) vulnerabilities in Fortinet FortiOS on FortiGate firewall devices before 4.3.13 and 5.x before 5.0.2 allow remote attackers to hijack the authentication of administrators for requests that modify (1) setting...

6.5

CVE-2013-4604

  • EPSS 0.39%
  • Veröffentlicht 25.06.2013 14:38:18
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Fortinet FortiOS before 5.0.3 on FortiGate devices does not properly restrict Guest capabilities, which allows remote authenticated users to read, modify, or delete the records of arbitrary users by leveraging the Guest role.

5

CVE-2006-3222

  • EPSS 1.59%
  • Veröffentlicht 24.06.2006 10:06:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

The FTP proxy module in Fortinet FortiOS (FortiGate) before 2.80 MR12 and 3.0 MR2 allows remote attackers to bypass anti-virus scanning via the Enhanced Passive (EPSV) FTP mode.

10

CVE-2005-3057

  • EPSS 1.88%
  • Veröffentlicht 31.12.2005 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

The FTP component in FortiGate 2.8 running FortiOS 2.8MR10 and v3beta, and other versions before 3.0 MR1, allows remote attackers to bypass the Fortinet FTP anti-virus engine by sending a STOR command and uploading a file before the FTP server respon...

7.5

CVE-2005-3058

  • EPSS 2.65%
  • Veröffentlicht 31.12.2005 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Interpretation conflict in Fortinet FortiGate 2.8, running FortiOS 2.8MR10 and v3beta, allows remote attackers to bypass the URL blocker via an (1) HTTP request terminated with a line feed (LF) and not carriage return line feed (CRLF) or (2) HTTP req...