Page 13 of 67 results (0.005 seconds)

CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0

An improper neutralization of input during web page generation [CWE-79] vulnerability in FortiOS versions 7.0.0 to 7.0.7 and 7.2.0 to 7.2.3 may allow a remote, unauthenticated attacker to launch a cross site scripting (XSS) attack via the "redir" parameter of the URL seen when the "Sign in with FortiCloud" button is clicked. • https://fortiguard.com/psirt/FG-IR-22-224 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.4EPSS: 0%CPEs: 4EXPL: 0

An improper certificate validation vulnerability [CWE-295] in FortiOS 7.2.0 through 7.2.3, 7.0.0 through 7.0.7, 6.4 all versions, 6.2 all versions, 6.0 all versions and FortiProxy 7.0.0 through 7.0.6, 2.0 all versions, 1.2 all versions may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the communication channel between the FortiOS/FortiProxy device and remote servers hosting threat feeds (when the latter are configured as Fabric connectors in FortiOS/FortiProxy) • https://fortiguard.com/psirt/FG-IR-22-257 • CWE-295: Improper Certificate Validation •

CVSS: 8.8EPSS: 0%CPEs: 14EXPL: 0

A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.8 and before 6.4.10, FortiProxy version 7.2.0 through 7.2.1, 7.0.0 through 7.0.7 and before 2.0.10, FortiSwitchManager 7.2.0 and before 7.0.0 allows an authenticated attacker to read and write files on the underlying Linux system via crafted HTTP requests. • https://fortiguard.com/psirt/FG-IR-22-391 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-23: Relative Path Traversal •

CVSS: 9.8EPSS: 27%CPEs: 40EXPL: 3

A heap-based buffer overflow vulnerability [CWE-122] in FortiOS SSL-VPN 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0 through 6.4.10, 6.2.0 through 6.2.11, 6.0.15 and earlier and FortiProxy SSL-VPN 7.2.0 through 7.2.1, 7.0.7 and earlier may allow a remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests. Una vulnerabilidad de desbordamiento de búfer de almacenamiento dinámico [CWE-122] en FortiOS SSL-VPN 7.2.0 a 7.2.2, 7.0.0 a 7.0.8, 6.4.0 a 6.4.10, 6.2.0 a 6.2.11, 6.0 .15 y anteriores y FortiProxy SSL-VPN 7.2.0 hasta 7.2.1, 7.0.7 y anteriores pueden permitir que un atacante remoto no autenticado ejecute código o comandos arbitrarios a través de solicitudes específicamente manipuladas. Multiple versions of Fortinet FortiOS SSL-VPN contain a heap-based buffer overflow vulnerability which can allow an unauthenticated, remote attacker to execute arbitrary code or commands via specifically crafted requests. • https://github.com/0xhaggis/CVE-2022-42475 https://github.com/3yujw7njai/CVE-2022-42475-RCE-POC https://fortiguard.com/psirt/FG-IR-22-398 • CWE-197: Numeric Truncation Error CWE-787: Out-of-bounds Write •

CVSS: 9.8EPSS: 0%CPEs: 9EXPL: 0

An authentication bypass by assumed-immutable data vulnerability [CWE-302] in the FortiOS SSH login component 7.2.0, 7.0.0 through 7.0.7, 6.4.0 through 6.4.9, 6.2 all versions, 6.0 all versions and FortiProxy SSH login component 7.0.0 through 7.0.5, 2.0.0 through 2.0.10, 1.2.0 all versions may allow a remote and unauthenticated attacker to login into the device via sending specially crafted Access-Challenge response from the Radius server. Una omisión de autenticación por vulnerabilidad de datos supuestamente inmutables [CWE-302] en el componente de inicio de sesión SSH de FortiOS 7.2.0, 7.0.0 a 7.0.7, 6.4.0 a 6.4.9, 6.2 todas las versiones, 6.0 todas las versiones y FortiProxy SSH El componente de inicio de sesión 7.0.0 a 7.0.5, 2.0.0 a 2.0.10, 1.2.0 todas las versiones puede permitir que un atacante remoto y no autenticado inicie sesión en el dispositivo mediante el envío de una respuesta Access-Challenge especialmente manipulada desde el servidor Radius. • https://fortiguard.com/psirt/FG-IR-22-255 • CWE-284: Improper Access Control CWE-287: Improper Authentication •