Fortinet

Fortiadc

43 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2025-58412

  • EPSS 0.04%
  • Veröffentlicht 19.11.2025 09:49:04
  • Zuletzt bearbeitet 20.11.2025 14:38:45

A improper neutralization of script-related html tags in a web page (basic xss) vulnerability in Fortinet FortiADC 8.0.0, FortiADC 7.6.0 through 7.6.3, FortiADC 7.4 all versions, FortiADC 7.2 all versions may allow attacker to execute unauthorized co...

6.6

CVE-2025-48839

  • EPSS 0.1%
  • Veröffentlicht 18.11.2025 17:01:25
  • Zuletzt bearbeitet 20.11.2025 14:37:57

An Out-of-bounds Write vulnerability [CWE-787] in FortiADC 8.0.0, 7.6.0 through 7.6.2, 7.4.0 through 7.4.7, 7.2 all versions, 7.1 all versions, 7.0 all versions, 6.2 all versions may allow an authenticated attacker to execute arbitrary code via speci...

6.5

CVE-2025-54971

  • EPSS 0.04%
  • Veröffentlicht 18.11.2025 17:01:17
  • Zuletzt bearbeitet 20.11.2025 14:33:09

An exposure of sensitive information to an unauthorized actor vulnerability in Fortinet FortiADC 7.4.0, FortiADC 7.2 all versions, FortiADC 7.1 all versions, FortiADC 7.0 all versions, FortiADC 6.2 all versions may allow an admin with read-only permi...

6.5

CVE-2025-59921

  • EPSS 0.2%
  • Veröffentlicht 14.10.2025 15:23:42
  • Zuletzt bearbeitet 16.10.2025 14:47:39

An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in Fortinet FortiADC version 7.4.0, version 7.2.3 and below, version 7.1.4 and below, 7.0 all versions, 6.2 all versions may allow an authenticated attacker to obta...

7.2

CVE-2025-49813

  • EPSS 0.12%
  • Veröffentlicht 12.08.2025 18:59:19
  • Zuletzt bearbeitet 15.08.2025 12:26:02

An improper neutralization of special elements used in an OS Command ("OS Command Injection") vulnerability [CWE-78] in Fortinet FortiADC version 7.2.0 and before 7.1.1 allows a remote and authenticated attacker with low privilege to execute unauthor...

7.2

CVE-2025-31104

Medienbericht
  • EPSS 0.08%
  • Veröffentlicht 10.06.2025 16:36:13
  • Zuletzt bearbeitet 22.07.2025 17:06:49

An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78] in FortiADC 7.6.0 through 7.6.1, 7.4.0 through 7.4.6, 7.2.0 through 7.2.7, 7.1.0 through 7.1.4, 7.0 all versions, 6.2 all versions, 6...

6.1

CVE-2023-37933

  • EPSS 0.05%
  • Veröffentlicht 11.03.2025 14:54:35
  • Zuletzt bearbeitet 22.07.2025 21:39:07

An improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability [CWE-79] in FortiADC GUI version 7.4.0, 7.2.0 through 7.2.1 and before 7.1.3 allows an authenticated attacker to perform an XSS attack via crafted H...

6.1

CVE-2022-23439

  • EPSS 0.13%
  • Veröffentlicht 22.01.2025 10:15:07
  • Zuletzt bearbeitet 12.02.2025 13:39:42

A externally controlled reference to a resource in another sphere in Fortinet FortiManager before version 7.4.3, FortiMail before version 7.0.3, FortiAnalyzer before version 7.4.3, FortiVoice version 7.0.0, 7.0.1 and before 6.4.8, FortiProxy before v...

3.7

CVE-2024-36511

  • EPSS 0.3%
  • Veröffentlicht 10.09.2024 15:15:16
  • Zuletzt bearbeitet 20.09.2024 19:43:25

An improperly implemented security check for standard vulnerability [CWE-358] in FortiADC Web Application Firewall (WAF) 7.4.0 through 7.4.4, 7.2 all versions, 7.1 all versions, 7.0 all versions, 6.2 all versions, 6.1 all versions, 6.0 all versions w...

5.9

CVE-2023-50179

  • EPSS 0.22%
  • Veröffentlicht 09.07.2024 16:15:03
  • Zuletzt bearbeitet 21.11.2024 08:36:36

An improper certificate validation vulnerability [CWE-295] in FortiADC 7.4.0, 7.2 all versions, 7.1 all versions, 7.0 all versions may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the communication channel betw...