Fortinet

Fortivoice

16 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.4

CVE-2024-40588

  • EPSS 0.02%
  • Veröffentlicht 12.08.2025 18:59:11
  • Zuletzt bearbeitet 14.08.2025 01:14:41

Multiple relative path traversal vulnerabilities [CWE-23] in Fortinet FortiMail version 7.6.0 through 7.6.1 and before 7.4.3, FortiVoice version 7.0.0 through 7.0.5 and before 7.4.9, FortiRecorder version 7.2.0 through 7.2.1 and before 7.0.4, FortiCa...

9.8

CVE-2025-32756

Warnung
  • EPSS 10.06%
  • Veröffentlicht 13.05.2025 14:46:44
  • Zuletzt bearbeitet 25.08.2025 02:21:01

A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiVoice versions 7.2.0, 7.0.0 through 7.0.6, 6.4.0 through 6.4.10, FortiRecorder versions 7.2.0 through 7.2.3, 7.0.0 through 7.0.5, 6.4.0 through 6.4.5, FortiMail versions 7.6.0 thr...

7.5

CVE-2024-50565

Medienbericht
  • EPSS 0.06%
  • Veröffentlicht 08.04.2025 14:15:31
  • Zuletzt bearbeitet 25.07.2025 15:22:38

A improper restriction of communication channel to intended endpoints vulnerability [CWE-923] in Fortinet FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0.0 through 7.0.14, 6.4.0 through 6.4.15 and 6.2.0 through 6.2.16, Fortinet FortiPro...

7.5

CVE-2024-26013

Medienbericht
  • EPSS 0.07%
  • Veröffentlicht 08.04.2025 14:15:30
  • Zuletzt bearbeitet 25.07.2025 15:22:20

A improper restriction of communication channel to intended endpoints vulnerability [CWE-923] in Fortinet FortiOS version 7.4.0 through 7.4.4, 7.2.0 through 7.2.8, 7.0.0 through 7.0.15, 6.4.0 through 6.4.15 and before 6.2.16, Fortinet FortiProxy vers...

5.3

CVE-2021-24008

  • EPSS 0.07%
  • Veröffentlicht 28.03.2025 10:13:32
  • Zuletzt bearbeitet 24.07.2025 19:57:26

An exposure of sensitive system information to an unauthorized control sphere vulnerability [CWE-497] in FortiDDoS version 5.4.0, version 5.3.2 and below, version 5.2.0, version 5.1.0, version 5.0.0, version 4.7.0, version 4.6.0, version 4.5.0, versi...

6.1

CVE-2022-23439

  • EPSS 0.06%
  • Veröffentlicht 22.01.2025 10:15:07
  • Zuletzt bearbeitet 12.02.2025 13:39:42

A externally controlled reference to a resource in another sphere in Fortinet FortiManager before version 7.4.3, FortiMail before version 7.0.3, FortiAnalyzer before version 7.4.3, FortiVoice version 7.0.0, 7.0.1 and before 6.4.8, FortiProxy before v...

9.1

CVE-2024-48885

  • EPSS 0.05%
  • Veröffentlicht 16.01.2025 09:15:06
  • Zuletzt bearbeitet 24.09.2025 15:25:58

A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiRecorder versions 7.2.0 through 7.2.1, 7.0.0 through 7.0.4, FortiWeb versions 7.6.0, 7.4.0 through 7.4.4, 7.2.0 through 7.2.10, 7.0.0 through 7.0.10, 6....

9.1

CVE-2024-48884

  • EPSS 0.54%
  • Veröffentlicht 14.01.2025 14:15:32
  • Zuletzt bearbeitet 08.08.2025 16:00:27

A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiManager versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiOS versions 7.6.0, 7.4.0 through 7.4.4, 7.2.5 through 7.2.9, 7.0.0 through 7.0.15, 6.4.0...

6.7

CVE-2024-40587

  • EPSS 0.24%
  • Veröffentlicht 14.01.2025 14:15:31
  • Zuletzt bearbeitet 31.01.2025 16:34:37

An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiVoice version 7.0.0 through 7.0.4 and before 6.4.9 allows an authenticated privileged attacker to execute unauthoriz...

8.8

CVE-2023-37931

  • EPSS 0.1%
  • Veröffentlicht 14.01.2025 14:15:26
  • Zuletzt bearbeitet 22.07.2025 21:25:52

An improper neutralization of special elements used in an sql command ('sql injection') vulnerability [CWE-88] in FortiVoice Entreprise version 7.0.0 through 7.0.1 and before 6.4.8 allows an authenticated attacker to perform a blind sql injection att...