CVE-2022-22299
- EPSS 0.19%
- Veröffentlicht 05.08.2022 20:15:08
- Zuletzt bearbeitet 21.11.2024 06:46:35
A format string vulnerability [CWE-134] in the command line interpreter of FortiADC version 6.0.0 through 6.0.4, FortiADC version 6.1.0 through 6.1.5, FortiADC version 6.2.0 through 6.2.1, FortiProxy version 1.0.0 through 1.0.7, FortiProxy version 1....
CVE-2021-42755
- EPSS 0.36%
- Veröffentlicht 18.07.2022 17:15:08
- Zuletzt bearbeitet 21.11.2024 06:28:06
An integer overflow / wraparound vulnerability [CWE-190] in FortiSwitch 7.0.2 and below, 6.4.9 and below, 6.2.x, 6.0.x; FortiRecorder 6.4.2 and below, 6.0.10 and below; FortiOS 7.0.2 and below, 6.4.8 and below, 6.2.10 and below, 6.0.x; FortiProxy 7.0...
CVE-2021-44170
- EPSS 0.2%
- Veröffentlicht 18.07.2022 17:15:08
- Zuletzt bearbeitet 21.11.2024 06:30:29
A stack-based buffer overflow vulnerability [CWE-121] in the command line interpreter of FortiOS before 7.0.4 and FortiProxy before 2.0.8 may allow an authenticated attacker to execute unauthorized code or commands via specially crafted command line ...
CVE-2021-43081
- EPSS 0.84%
- Veröffentlicht 11.05.2022 15:15:08
- Zuletzt bearbeitet 21.11.2024 06:28:39
An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiOS version 7.0.3 and below, 6.4.8 and below, 6.2.10 and below, 6.0.14 to 6.0.0. and in FortiProxy version 7.0.1 and below, 2.0.7 to 2.0.0 web filter overrid...
CVE-2021-43206
- EPSS 0.77%
- Veröffentlicht 04.05.2022 16:15:08
- Zuletzt bearbeitet 21.11.2024 06:28:50
A server-generated error message containing sensitive information in Fortinet FortiOS 7.0.0 through 7.0.3, 6.4.0 through 6.4.8, 6.2.x, 6.0.x and FortiProxy 7.0.0 through 7.0.1, 2.0.x allows malicious webservers to retrieve a web proxy's client userna...
CVE-2021-26092
- EPSS 1.06%
- Veröffentlicht 24.02.2022 03:15:43
- Zuletzt bearbeitet 21.11.2024 05:55:51
Failure to sanitize input in the SSL VPN web portal of FortiOS 5.2.10 through 5.2.15, 5.4.0 through 5.4.13, 5.6.0 through 5.6.14, 6.0.0 through 6.0.12, 6.2.0 through 6.2.7, 6.4.0 through 6.4.4; and FortiProxy 1.2.0 through 1.2.9, 2.0.0 through 2.0.1 ...
CVE-2021-41024
- EPSS 1.55%
- Veröffentlicht 08.12.2021 13:15:07
- Zuletzt bearbeitet 21.11.2024 06:25:17
A relative path traversal [CWE-23] vulnerabiltiy in FortiOS versions 7.0.0 and 7.0.1 and FortiProxy verison 7.0.0 may allow an unauthenticated, unauthorized attacker to inject path traversal character sequences to disclose sensitive information of th...
CVE-2021-26103
- EPSS 0.42%
- Veröffentlicht 08.12.2021 12:15:07
- Zuletzt bearbeitet 21.11.2024 05:55:52
An insufficient verification of data authenticity vulnerability (CWE-345) in the user interface of FortiProxy verison 2.0.3 and below, 1.2.11 and below and FortiGate verison 7.0.0, 6.4.6 and below, 6.2.9 and below of SSL VPN portal may allow a remote...
CVE-2021-26110
- EPSS 0.25%
- Veröffentlicht 08.12.2021 11:15:11
- Zuletzt bearbeitet 21.11.2024 05:55:53
An improper access control vulnerability [CWE-284] in FortiOS autod daemon 7.0.0, 6.4.6 and below, 6.2.9 and below, 6.0.12 and below and FortiProxy 2.0.1 and below, 1.2.9 and below may allow an authenticated low-privileged attacker to escalate their ...
CVE-2021-42757
- EPSS 0.48%
- Veröffentlicht 08.12.2021 11:15:11
- Zuletzt bearbeitet 16.10.2025 10:15:36
A buffer overflow [CWE-121] in the TFTP client library of FortiOS before 6.4.7 and FortiOS 7.0.0 through 7.0.2, may allow an authenticated local attacker to achieve arbitrary code execution via specially crafted command line arguments.