CVSS: 7.4EPSS: 0%CPEs: 4EXPL: 0CVE-2022-39948
https://notcve.org/view.php?id=CVE-2022-39948
16 Feb 2023 — An improper certificate validation vulnerability [CWE-295] in FortiOS 7.2.0 through 7.2.3, 7.0.0 through 7.0.7, 6.4 all versions, 6.2 all versions, 6.0 all versions and FortiProxy 7.0.0 through 7.0.6, 2.0 all versions, 1.2 all versions may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the communication channel between the FortiOS/FortiProxy device and remote servers hosting threat feeds (when the latter are configured as Fabric connectors in FortiOS/FortiProxy) An impr... • https://fortiguard.com/psirt/FG-IR-22-257 • CWE-295: Improper Certificate Validation •
CVSS: 4.3EPSS: 0%CPEs: 8EXPL: 0CVE-2021-43074
https://notcve.org/view.php?id=CVE-2021-43074
16 Feb 2023 — An improper verification of cryptographic signature vulnerability [CWE-347] in FortiWeb 6.4 all versions, 6.3.16 and below, 6.2 all versions, 6.1 all versions, 6.0 all versions; FortiOS 7.0.3 and below, 6.4.8 and below, 6.2 all versions, 6.0 all versions; FortiSwitch 7.0.3 and below, 6.4.10 and below, 6.2 all versions, 6.0 all versions; FortiProxy 7.0.1 and below, 2.0.7 and below, 1.2 all versions, 1.1 all versions, 1.0 all versions may allow an attacker to decrypt portions of the administrative session man... • https://fortiguard.com/psirt/FG-IR-21-126 • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 8.8EPSS: 0%CPEs: 14EXPL: 0CVE-2022-41335
https://notcve.org/view.php?id=CVE-2022-41335
16 Feb 2023 — A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.8 and before 6.4.10, FortiProxy version 7.2.0 through 7.2.1, 7.0.0 through 7.0.7 and before 2.0.10, FortiSwitchManager 7.2.0 and before 7.0.0 allows an authenticated attacker to read and write files on the underlying Linux system via crafted HTTP requests. A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.8 and before 6.4.10, Fo... • https://fortiguard.com/psirt/FG-IR-22-391 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-23: Relative Path Traversal •
CVSS: 10.0EPSS: 93%CPEs: 40EXPL: 9CVE-2022-42475 – Fortinet FortiOS Heap-Based Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2022-42475
02 Jan 2023 — A heap-based buffer overflow vulnerability [CWE-122] in FortiOS SSL-VPN 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0 through 6.4.10, 6.2.0 through 6.2.11, 6.0.15 and earlier and FortiProxy SSL-VPN 7.2.0 through 7.2.1, 7.0.7 and earlier may allow a remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests. Una vulnerabilidad de desbordamiento de búfer de almacenamiento dinámico [CWE-122] en FortiOS SSL-VPN 7.2.0 a 7.2.2, 7.0.0 a 7.0.8, 6.4.0 a 6.4.10, 6.2.0 a ... • https://github.com/0xhaggis/CVE-2022-42475 • CWE-197: Numeric Truncation Error CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 9EXPL: 0CVE-2022-35843
https://notcve.org/view.php?id=CVE-2022-35843
06 Dec 2022 — An authentication bypass by assumed-immutable data vulnerability [CWE-302] in the FortiOS SSH login component 7.2.0, 7.0.0 through 7.0.7, 6.4.0 through 6.4.9, 6.2 all versions, 6.0 all versions and FortiProxy SSH login component 7.0.0 through 7.0.5, 2.0.0 through 2.0.10, 1.2.0 all versions may allow a remote and unauthenticated attacker to login into the device via sending specially crafted Access-Challenge response from the Radius server. Una omisión de autenticación por vulnerabilidad de datos supuestamen... • https://fortiguard.com/psirt/FG-IR-22-255 • CWE-284: Improper Access Control CWE-287: Improper Authentication •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2022-29055
https://notcve.org/view.php?id=CVE-2022-29055
10 Oct 2022 — A access of uninitialized pointer in Fortinet FortiOS version 7.2.0, 7.0.0 through 7.0.5, 6.4.0 through 6.4.8, 6.2.0 through 6.2.10, 6.0.x, FortiProxy version 7.0.0 through 7.0.4, 2.0.0 through 2.0.9, 1.2.x allows a remote unauthenticated or authenticated attacker to crash the sslvpn daemon via an HTTP GET request. Un acceso de puntero no inicializado en Fortinet FortiOS versión 7.2.0, 7.0.0 hasta 7.0.5, 6.4.0 hasta 6.4.8, 6.2.0 hasta 6.2.10, 6.0.x, FortiProxy versión 7. 0.0 hasta 7.0.4, 2.0.0 hasta 2.0.9, ... • https://fortiguard.com/psirt/FG-IR-22-086 • CWE-824: Access of Uninitialized Pointer •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2022-22299
https://notcve.org/view.php?id=CVE-2022-22299
05 Aug 2022 — A format string vulnerability [CWE-134] in the command line interpreter of FortiADC version 6.0.0 through 6.0.4, FortiADC version 6.1.0 through 6.1.5, FortiADC version 6.2.0 through 6.2.1, FortiProxy version 1.0.0 through 1.0.7, FortiProxy version 1.1.0 through 1.1.6, FortiProxy version 1.2.0 through 1.2.13, FortiProxy version 2.0.0 through 2.0.7, FortiProxy version 7.0.0 through 7.0.1, FortiOS version 6.0.0 through 6.0.14, FortiOS version 6.2.0 through 6.2.10, FortiOS version 6.4.0 through 6.4.8, FortiOS v... • https://fortiguard.com/psirt/FG-IR-21-235 • CWE-134: Use of Externally-Controlled Format String •
CVSS: 4.3EPSS: 0%CPEs: 130EXPL: 0CVE-2021-42755
https://notcve.org/view.php?id=CVE-2021-42755
18 Jul 2022 — An integer overflow / wraparound vulnerability [CWE-190] in FortiSwitch 7.0.2 and below, 6.4.9 and below, 6.2.x, 6.0.x; FortiRecorder 6.4.2 and below, 6.0.10 and below; FortiOS 7.0.2 and below, 6.4.8 and below, 6.2.10 and below, 6.0.x; FortiProxy 7.0.0, 2.0.6 and below, 1.2.x, 1.1.x, 1.0.x; FortiVoiceEnterprise 6.4.3 and below, 6.0.10 and below dhcpd daemon may allow an unauthenticated and network adjacent attacker to crash the dhcpd deamon, resulting in potential denial of service. Una vulnerabilidad de de... • https://fortiguard.com/psirt/FG-IR-21-155 • CWE-190: Integer Overflow or Wraparound •
CVSS: 6.7EPSS: 0%CPEs: 8EXPL: 0CVE-2021-44170
https://notcve.org/view.php?id=CVE-2021-44170
18 Jul 2022 — A stack-based buffer overflow vulnerability [CWE-121] in the command line interpreter of FortiOS before 7.0.4 and FortiProxy before 2.0.8 may allow an authenticated attacker to execute unauthorized code or commands via specially crafted command line arguments. Una vulnerabilidad de desbordamiento de búfer en la región stack de la memoria [CWE-121] en el intérprete de línea de comandos de FortiOS versiones anteriores a 7.0.4 y FortiProxy versiones anteriores a 2.0.8, puede permitir a un atacante autenticado ... • https://fortiguard.com/psirt/FG-IR-21-179 • CWE-787: Out-of-bounds Write •
CVSS: 6.1EPSS: 0%CPEs: 6EXPL: 0CVE-2021-43081
https://notcve.org/view.php?id=CVE-2021-43081
11 May 2022 — An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiOS version 7.0.3 and below, 6.4.8 and below, 6.2.10 and below, 6.0.14 to 6.0.0. and in FortiProxy version 7.0.1 and below, 2.0.7 to 2.0.0 web filter override form may allow an unauthenticated attacker to perform an XSS attack via crafted HTTP GET requests. Una vulnerabilidad de neutralización inapropiada de la entrada durante la generación de la página web [CWE-79] en FortiOS versión 7.0.3 y anteriores, 6.4.8 y ant... • https://fortiguard.com/psirt/FG-IR-21-230 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •