CVSS: 6.1EPSS: 0%CPEs: 6EXPL: 0CVE-2021-43081
https://notcve.org/view.php?id=CVE-2021-43081
11 May 2022 — An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiOS version 7.0.3 and below, 6.4.8 and below, 6.2.10 and below, 6.0.14 to 6.0.0. and in FortiProxy version 7.0.1 and below, 2.0.7 to 2.0.0 web filter override form may allow an unauthenticated attacker to perform an XSS attack via crafted HTTP GET requests. Una vulnerabilidad de neutralización inapropiada de la entrada durante la generación de la página web [CWE-79] en FortiOS versión 7.0.3 y anteriores, 6.4.8 y ant... • https://fortiguard.com/psirt/FG-IR-21-230 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 0CVE-2021-43206
https://notcve.org/view.php?id=CVE-2021-43206
04 May 2022 — A server-generated error message containing sensitive information in Fortinet FortiOS 7.0.0 through 7.0.3, 6.4.0 through 6.4.8, 6.2.x, 6.0.x and FortiProxy 7.0.0 through 7.0.1, 2.0.x allows malicious webservers to retrieve a web proxy's client username and IP via same origin HTTP requests triggering proxy-generated HTTP status codes pages. Un mensaje de error generado por el servidor que contiene información confidencial en Fortinet FortiOS 7.0.0 a 7.0.3, 6.4.0 a 6.4.8, 6.2.x, 6.0.x y FortiProxy 7.0.0 a 7.0... • https://fortiguard.com/psirt/FG-IR-21-231 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 6.3EPSS: 0%CPEs: 2EXPL: 0CVE-2021-41032
https://notcve.org/view.php?id=CVE-2021-41032
04 May 2022 — An improper access control vulnerability [CWE-284] in FortiOS versions 6.4.8 and prior and 7.0.3 and prior may allow an authenticated attacker with a restricted user profile to gather sensitive information and modify the SSL-VPN tunnel status of other VDOMs using specific CLI commands. Una vulnerabilidad de control de acceso inapropiado [CWE-284] en FortiOS versiones 6.4.8 y anteriores y 7.0.3 y anteriores, puede permitir a un atacante autenticado con un perfil de usuario restringido recopilar información c... • https://fortiguard.com/psirt/FG-IR-21-147 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2021-44168 – Fortinet FortiOS Arbitrary File Download
https://notcve.org/view.php?id=CVE-2021-44168
04 Jan 2022 — A download of code without integrity check vulnerability in the "execute restore src-vis" command of FortiOS before 7.0.3 may allow a local authenticated attacker to download arbitrary files on the device via specially crafted update packages. Una vulnerabilidad de descarga de código sin comprobación de integridad en el comando "execute restore src-vis" de FortiOS versiones anteriores a 7.0.3, puede permitir a un atacante local autenticado descargar archivos arbitrarios en el dispositivo por medio de paquet... • https://github.com/0xhaggis/CVE-2021-44168 • CWE-494: Download of Code Without Integrity Check •
CVSS: 6.6EPSS: 0%CPEs: 5EXPL: 0CVE-2021-36169
https://notcve.org/view.php?id=CVE-2021-36169
13 Dec 2021 — A Hidden Functionality in Fortinet FortiOS 7.x before 7.0.1, FortiOS 6.4.x before 6.4.7 allows attacker to Execute unauthorized code or commands via specific hex read/write operations. Una funcionalidad oculta en Fortinet FortiOS versiones 7.x anteriores a 7.0.1, FortiOS versiones 6.4.x anteriores a 6.4.7, permite al atacante ejecutar código o comandos no autorizados por medio de operaciones específicas de lectura/escritura hexadecimal • https://fortiguard.com/advisory/FG-IR-21-091 •
CVSS: 8.8EPSS: 0%CPEs: 18EXPL: 0CVE-2021-36173
https://notcve.org/view.php?id=CVE-2021-36173
08 Dec 2021 — A heap-based buffer overflow in the firmware signature verification function of FortiOS versions 7.0.1, 7.0.0, 6.4.0 through 6.4.6, 6.2.0 through 6.2.9, and 6.0.0 through 6.0.13 may allow an attacker to execute arbitrary code via specially crafted installation images. Un desbordamiento de búfer en la región heap de la memoria en la función firmware signature verification de FortiOS versiones 7.0.1, 7.0.0, 6.4.0 hasta 6.4.6, 6.2.0 hasta 6.2.9 y 6.0.0 hasta 6.0.13, puede permitir a un atacante ejecutar código... • https://fortiguard.com/advisory/FG-IR-21-115 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-26109
https://notcve.org/view.php?id=CVE-2021-26109
08 Dec 2021 — An integer overflow or wraparound vulnerability in the memory allocator of SSLVPN in FortiOS before 7.0.1 may allow an unauthenticated attacker to corrupt control data on the heap via specifically crafted requests to SSLVPN, resulting in potentially arbitrary code execution. Una vulnerabilidad de desbordamiento de enteros o wraparound en el asignador de memoria de SSLVPN en FortiOS versiones anteriores a 7.0.1, puede permitir a un atacante no autenticado corromper los datos de control en el montón por medio... • https://fortiguard.com/advisory/FG-IR-21-049 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-26108
https://notcve.org/view.php?id=CVE-2021-26108
08 Dec 2021 — A use of hard-coded cryptographic key vulnerability in the SSLVPN of FortiOS before 7.0.1 may allow an attacker to retrieve the key by reverse engineering. Una vulnerabilidad en el uso de la clave criptográfica embebida en SSLVPN de FortiOS versiones anteriores a 7.0.1, puede permitir a un atacante recuperar la clave mediante ingeniería inversa • https://fortiguard.com/advisory/FG-IR-21-051 • CWE-798: Use of Hard-coded Credentials •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2021-26103
https://notcve.org/view.php?id=CVE-2021-26103
08 Dec 2021 — An insufficient verification of data authenticity vulnerability (CWE-345) in the user interface of FortiProxy verison 2.0.3 and below, 1.2.11 and below and FortiGate verison 7.0.0, 6.4.6 and below, 6.2.9 and below of SSL VPN portal may allow a remote, unauthenticated attacker to conduct a cross-site request forgery (CSRF) attack . Only SSL VPN in web mode or full mode are impacted by this vulnerability. Una vulnerabilidad de verificación insuficiente de la autenticidad de los datos (CWE-345) en la interfaz ... • https://fortiguard.com/advisory/FG-IR-20-158 • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 6.7EPSS: 0%CPEs: 30EXPL: 0CVE-2021-42757
https://notcve.org/view.php?id=CVE-2021-42757
08 Dec 2021 — A buffer overflow [CWE-121] in the TFTP client library of FortiOS before 6.4.7 and FortiOS 7.0.0 through 7.0.2, may allow an authenticated local attacker to achieve arbitrary code execution via specially crafted command line arguments. Un desbordamiento de búfer [CWE-121] en la biblioteca del cliente TFTP de FortiOS versiones anteriores a 6.4.7 y FortiOS versiones 7.0.0 hasta 7.0.2, puede permitir a un atacante local autenticado lograr una ejecución de código arbitrario por medio de argumentos de línea de c... • https://fortiguard.com/advisory/FG-IR-21-173 • CWE-787: Out-of-bounds Write •