CVSS: 4.5EPSS: 0%CPEs: 4EXPL: 0CVE-2020-15936
https://notcve.org/view.php?id=CVE-2020-15936
01 Mar 2022 — A improper input validation in Fortinet FortiGate version 6.4.3 and below, version 6.2.5 and below, version 6.0.11 and below, version 5.6.13 and below allows attacker to disclose sensitive information via SNI Client Hello TLS packets. Una comprobación de entrada inapropiada en Fortinet FortiGate versiones 6.4.3 y anteriores, versiones 6.2.5 y anteriores, versiones 6.0.11 y anteriores, versiones 5.6.13 y anteriores, permite a un atacante revelar información confidencial por medio de paquetes SNI Client Hello... • https://fortiguard.com/advisory/FG-IR-20-091 • CWE-20: Improper Input Validation •
CVSS: 6.1EPSS: 0%CPEs: 9EXPL: 0CVE-2021-26092
https://notcve.org/view.php?id=CVE-2021-26092
24 Feb 2022 — Failure to sanitize input in the SSL VPN web portal of FortiOS 5.2.10 through 5.2.15, 5.4.0 through 5.4.13, 5.6.0 through 5.6.14, 6.0.0 through 6.0.12, 6.2.0 through 6.2.7, 6.4.0 through 6.4.4; and FortiProxy 1.2.0 through 1.2.9, 2.0.0 through 2.0.1 may allow a remote unauthenticated attacker to perform a reflected Cross-site Scripting (XSS) attack by sending a request to the error page with malicious GET parameters. Un fallo en el saneo de la entrada en el portal web SSL VPN de FortiOS versiones 5.2.10 has... • https://fortiguard.com/psirt/FG-IR-20-199 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2021-44168 – Fortinet FortiOS Arbitrary File Download
https://notcve.org/view.php?id=CVE-2021-44168
04 Jan 2022 — A download of code without integrity check vulnerability in the "execute restore src-vis" command of FortiOS before 7.0.3 may allow a local authenticated attacker to download arbitrary files on the device via specially crafted update packages. Una vulnerabilidad de descarga de código sin comprobación de integridad en el comando "execute restore src-vis" de FortiOS versiones anteriores a 7.0.3, puede permitir a un atacante local autenticado descargar archivos arbitrarios en el dispositivo por medio de paquet... • https://github.com/0xhaggis/CVE-2021-44168 • CWE-494: Download of Code Without Integrity Check •
CVSS: 6.6EPSS: 0%CPEs: 5EXPL: 0CVE-2021-36169
https://notcve.org/view.php?id=CVE-2021-36169
13 Dec 2021 — A Hidden Functionality in Fortinet FortiOS 7.x before 7.0.1, FortiOS 6.4.x before 6.4.7 allows attacker to Execute unauthorized code or commands via specific hex read/write operations. Una funcionalidad oculta en Fortinet FortiOS versiones 7.x anteriores a 7.0.1, FortiOS versiones 6.4.x anteriores a 6.4.7, permite al atacante ejecutar código o comandos no autorizados por medio de operaciones específicas de lectura/escritura hexadecimal • https://fortiguard.com/advisory/FG-IR-21-091 •
CVSS: 8.8EPSS: 0%CPEs: 18EXPL: 0CVE-2021-36173
https://notcve.org/view.php?id=CVE-2021-36173
08 Dec 2021 — A heap-based buffer overflow in the firmware signature verification function of FortiOS versions 7.0.1, 7.0.0, 6.4.0 through 6.4.6, 6.2.0 through 6.2.9, and 6.0.0 through 6.0.13 may allow an attacker to execute arbitrary code via specially crafted installation images. Un desbordamiento de búfer en la región heap de la memoria en la función firmware signature verification de FortiOS versiones 7.0.1, 7.0.0, 6.4.0 hasta 6.4.6, 6.2.0 hasta 6.2.9 y 6.0.0 hasta 6.0.13, puede permitir a un atacante ejecutar código... • https://fortiguard.com/advisory/FG-IR-21-115 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-26109
https://notcve.org/view.php?id=CVE-2021-26109
08 Dec 2021 — An integer overflow or wraparound vulnerability in the memory allocator of SSLVPN in FortiOS before 7.0.1 may allow an unauthenticated attacker to corrupt control data on the heap via specifically crafted requests to SSLVPN, resulting in potentially arbitrary code execution. Una vulnerabilidad de desbordamiento de enteros o wraparound en el asignador de memoria de SSLVPN en FortiOS versiones anteriores a 7.0.1, puede permitir a un atacante no autenticado corromper los datos de control en el montón por medio... • https://fortiguard.com/advisory/FG-IR-21-049 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-26108
https://notcve.org/view.php?id=CVE-2021-26108
08 Dec 2021 — A use of hard-coded cryptographic key vulnerability in the SSLVPN of FortiOS before 7.0.1 may allow an attacker to retrieve the key by reverse engineering. Una vulnerabilidad en el uso de la clave criptográfica embebida en SSLVPN de FortiOS versiones anteriores a 7.0.1, puede permitir a un atacante recuperar la clave mediante ingeniería inversa • https://fortiguard.com/advisory/FG-IR-21-051 • CWE-798: Use of Hard-coded Credentials •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-41024
https://notcve.org/view.php?id=CVE-2021-41024
08 Dec 2021 — A relative path traversal [CWE-23] vulnerabiltiy in FortiOS versions 7.0.0 and 7.0.1 and FortiProxy verison 7.0.0 may allow an unauthenticated, unauthorized attacker to inject path traversal character sequences to disclose sensitive information of the server via the GET request of the login page. Una vulnerabilidad de salto de ruta relativa [CWE-23] en FortiOS versiones 7.0.0 y 7.0.1 y en FortiProxy versión 7.0.0, puede permitir a un atacante no autenticado y no autorizado inyectar secuencias de caracteres ... • https://fortiguard.com/advisory/FG-IR-21-181 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2021-26103
https://notcve.org/view.php?id=CVE-2021-26103
08 Dec 2021 — An insufficient verification of data authenticity vulnerability (CWE-345) in the user interface of FortiProxy verison 2.0.3 and below, 1.2.11 and below and FortiGate verison 7.0.0, 6.4.6 and below, 6.2.9 and below of SSL VPN portal may allow a remote, unauthenticated attacker to conduct a cross-site request forgery (CSRF) attack . Only SSL VPN in web mode or full mode are impacted by this vulnerability. Una vulnerabilidad de verificación insuficiente de la autenticidad de los datos (CWE-345) en la interfaz ... • https://fortiguard.com/advisory/FG-IR-20-158 • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 6.7EPSS: 0%CPEs: 30EXPL: 0CVE-2021-42757
https://notcve.org/view.php?id=CVE-2021-42757
08 Dec 2021 — A buffer overflow [CWE-121] in the TFTP client library of FortiOS before 6.4.7 and FortiOS 7.0.0 through 7.0.2, may allow an authenticated local attacker to achieve arbitrary code execution via specially crafted command line arguments. Un desbordamiento de búfer [CWE-121] en la biblioteca del cliente TFTP de FortiOS versiones anteriores a 6.4.7 y FortiOS versiones 7.0.0 hasta 7.0.2, puede permitir a un atacante local autenticado lograr una ejecución de código arbitrario por medio de argumentos de línea de c... • https://fortiguard.com/advisory/FG-IR-21-173 • CWE-787: Out-of-bounds Write •