Fortinet

FortiOS

269 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
3.5

CVE-2015-1451

Exploit
  • EPSS 0.24%
  • Veröffentlicht 02.02.2015 16:59:04
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Multiple cross-site scripting (XSS) vulnerabilities in Fortinet FortiOS 5.0 Patch 7 build 4457 allow remote authenticated users to inject arbitrary web script or HTML via the (1) WTP Name or (2) WTP Active Software Version field in a CAPWAP Join requ...

5.4

CVE-2014-0351

  • EPSS 0.07%
  • Veröffentlicht 10.09.2014 18:55:02
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The FortiManager protocol service in Fortinet FortiOS before 4.3.16 and 5.x before 5.0.8 on FortiGate devices does not prevent use of anonymous ciphersuites, which makes it easier for man-in-the-middle attackers to obtain sensitive information or int...

7.5

CVE-2014-2216

  • EPSS 5.81%
  • Veröffentlicht 25.08.2014 14:55:06
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The FortiManager protocol service in Fortinet FortiOS before 4.3.16 and 5.0.0 before 5.0.8 on FortiGate devices allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted request.

4.3

CVE-2013-7182

  • EPSS 0.81%
  • Veröffentlicht 04.02.2014 05:39:08
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Cross-site scripting (XSS) vulnerability in firewall/schedule/recurrdlg in Fortinet FortiOS 5.0.5 allows remote attackers to inject arbitrary web script or HTML via the mkey parameter.

5.1

CVE-2013-1414

Exploit
  • EPSS 0.45%
  • Veröffentlicht 08.07.2013 17:55:02
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Multiple cross-site request forgery (CSRF) vulnerabilities in Fortinet FortiOS on FortiGate firewall devices before 4.3.13 and 5.x before 5.0.2 allow remote attackers to hijack the authentication of administrators for requests that modify (1) setting...

6.5

CVE-2013-4604

  • EPSS 0.39%
  • Veröffentlicht 25.06.2013 14:38:18
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Fortinet FortiOS before 5.0.3 on FortiGate devices does not properly restrict Guest capabilities, which allows remote authenticated users to read, modify, or delete the records of arbitrary users by leveraging the Guest role.

5

CVE-2006-3222

  • EPSS 1.59%
  • Veröffentlicht 24.06.2006 10:06:00
  • Zuletzt bearbeitet 16.04.2026 00:27:16

The FTP proxy module in Fortinet FortiOS (FortiGate) before 2.80 MR12 and 3.0 MR2 allows remote attackers to bypass anti-virus scanning via the Enhanced Passive (EPSV) FTP mode.

10

CVE-2005-3057

  • EPSS 1.88%
  • Veröffentlicht 31.12.2005 05:00:00
  • Zuletzt bearbeitet 16.04.2026 00:27:16

The FTP component in FortiGate 2.8 running FortiOS 2.8MR10 and v3beta, and other versions before 3.0 MR1, allows remote attackers to bypass the Fortinet FTP anti-virus engine by sending a STOR command and uploading a file before the FTP server respon...

7.5

CVE-2005-3058

  • EPSS 2.65%
  • Veröffentlicht 31.12.2005 05:00:00
  • Zuletzt bearbeitet 16.04.2026 00:27:16

Interpretation conflict in Fortinet FortiGate 2.8, running FortiOS 2.8MR10 and v3beta, allows remote attackers to bypass the URL blocker via an (1) HTTP request terminated with a line feed (LF) and not carriage return line feed (CRLF) or (2) HTTP req...