CVSS: 8.1EPSS: 0%CPEs: 11EXPL: 1CVE-2024-26009
https://notcve.org/view.php?id=CVE-2024-26009
12 Aug 2025 — An authentication bypass using an alternate path or channel [CWE-288] vulnerability in Fortinet FortiOS version 6.4.0 through 6.4.15 and before 6.2.16, FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.8 and before 7.0.15 & FortiPAM before version 1.2.0 allows an unauthenticated attacker to seize control of a managed device via crafted FGFM requests, if the device is managed by a FortiManager, and if the attacker knows that FortiManager's serial number. An authentication bypass using an alternate pa... • https://github.com/allinsthon/CVE-2024-26009 • CWE-288: Authentication Bypass Using an Alternate Path or Channel •
CVSS: 6.8EPSS: 0%CPEs: 16EXPL: 0CVE-2025-25248
https://notcve.org/view.php?id=CVE-2025-25248
12 Aug 2025 — An Integer Overflow or Wraparound vulnerability [CWE-190] in FortiOS version 7.6.2 and below, version 7.4.7 and below, version 7.2.10 and below, 7.2 all versions, 6.4 all versions, FortiProxy version 7.6.2 and below, version 7.4.3 and below, 7.2 all versions, 7.0 all versions, 2.0 all versions and FortiPAM version 1.5.0, version 1.4.2 and below, 1.3 all versions, 1.2 all versions, 1.1 all versions, 1.0 all versions SSL-VPN RDP and VNC bookmarks may allow an authenticated user to affect the device SSL-VPN av... • https://fortiguard.fortinet.com/psirt/FG-IR-24-364 • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.3EPSS: 0%CPEs: 9EXPL: 0CVE-2023-45584
https://notcve.org/view.php?id=CVE-2023-45584
12 Aug 2025 — A double free vulnerability [CWE-415] in Fortinet FortiOS version 7.4.0, version 7.2.0 through 7.2.5 and before 7.0.12, FortiProxy version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.7 and before 7.0.13 and FortiPAM version 1.1.0 through 1.1.2 and before 1.0.3 allows a privileged attacker to execute code or commands via crafted HTTP or HTTPs requests. • https://fortiguard.fortinet.com/psirt/FG-IR-23-209 • CWE-415: Double Free •
CVSS: 8.3EPSS: 0%CPEs: 8EXPL: 0CVE-2024-52965
https://notcve.org/view.php?id=CVE-2024-52965
08 Jul 2025 — A missing critical step in authentication vulnerability [CWE-304] in Fortinet FortiOS version 7.6.0 through 7.6.1, 7.4.0 through 7.4.5, 7.2.0 through 7.2.10, and before 7.0.16 & FortiProxy version 7.6.0 through 7.6.1, 7.4.0 through 7.4.8, 7.2.0 through 7.2.13 and before 7.0.20 allows an API-user using api-key + PKI user certificate authentication to login even if the certificate is invalid. • https://fortiguard.fortinet.com/psirt/FG-IR-24-511 • CWE-304: Missing Critical Step in Authentication •
CVSS: 5.3EPSS: 0%CPEs: 9EXPL: 0CVE-2024-55599
https://notcve.org/view.php?id=CVE-2024-55599
08 Jul 2025 — An Improperly Implemented Security Check for Standard vulnerability [CWE-358] in FortiOS version 7.6.0, version 7.4.7 and below, 7.0 all versions, 6.4 all versions and FortiProxy version 7.6.1 and below, version 7.4.8 and below, 7.2 all versions, 7.0 all versions may allow a remote unauthenticated user to bypass the DNS filter via Apple devices. • https://fortiguard.fortinet.com/psirt/FG-IR-24-053 • CWE-358: Improperly Implemented Security Check for Standard •
CVSS: 5.9EPSS: 0%CPEs: 7EXPL: 0CVE-2024-50568
https://notcve.org/view.php?id=CVE-2024-50568
10 Jun 2025 — A channel accessible by non-endpoint vulnerability [CWE-300] in Fortinet FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7 and before 7.0.14 & FortiProxy version 7.4.0 through 7.4.3, 7.2.0 through 7.2.9 and before 7.0.16 allows an unauthenticated attacker with the knowledge of device specific data to spoof the identity of a downstream device of the security fabric via crafted TCP requests. • https://fortiguard.fortinet.com/psirt/FG-IR-24-058 • CWE-300: Channel Accessible by Non-Endpoint •
CVSS: 3.2EPSS: 0%CPEs: 9EXPL: 0CVE-2023-29184
https://notcve.org/view.php?id=CVE-2023-29184
10 Jun 2025 — An incomplete cleanup vulnerability [CWE-459] in FortiOS 7.2 all versions and before & FortiProxy version 7.2.0 through 7.2.2 and before 7.0.8 allows a VDOM privileged attacker to add SSH key files on the system silently via crafted CLI requests. • https://fortiguard.fortinet.com/psirt/FG-IR-23-008 • CWE-459: Incomplete Cleanup •
CVSS: 6.8EPSS: 0%CPEs: 9EXPL: 0CVE-2025-22254
https://notcve.org/view.php?id=CVE-2025-22254
10 Jun 2025 — An Improper Privilege Management vulnerability [CWE-269] affecting Fortinet FortiOS version 7.6.0 through 7.6.1, 7.4.0 through 7.4.6, 7.2.0 through 7.2.10, 7.0.0 through 7.0.16 and before 6.4.15, FortiProxy version 7.6.0 through 7.6.1 and before 7.4.7 & FortiWeb version 7.6.0 through 7.6.1 and before 7.4.6 allows an authenticated attacker with at least read-only admin permissions to gain super-admin privileges via crafted requests to Node.js websocket module. An Improper Privilege Management vulnerability [... • https://fortiguard.fortinet.com/psirt/FG-IR-25-006 • CWE-269: Improper Privilege Management •
CVSS: 4.8EPSS: 0%CPEs: 16EXPL: 3CVE-2024-50562 – FortiOS SSL-VPN 7.4.4 - Insufficient Session Expiration & Cookie Reuse
https://notcve.org/view.php?id=CVE-2024-50562
10 Jun 2025 — An Insufficient Session Expiration vulnerability [CWE-613] in FortiOS SSL-VPN version 7.6.0, version 7.4.6 and below, version 7.2.10 and below, 7.0 all versions, 6.4 all versions may allow an attacker in possession of a cookie used to log in the SSL-VPN portal to log in again, although the session has expired or was logged out. An insufficient session expiration vulnerability in FortiOS SSL-VPN allows an attacker to reuse stale session cookies after logout, potentially leading to unauthorized access. The SV... • https://packetstorm.news/files/id/200981 • CWE-613: Insufficient Session Expiration •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2025-22252
https://notcve.org/view.php?id=CVE-2025-22252
28 May 2025 — A missing authentication for critical function in Fortinet FortiProxy versions 7.6.0 through 7.6.1, FortiSwitchManager version 7.2.5, and FortiOS versions 7.4.4 through 7.4.6 and version 7.6.0 may allow an attacker with knowledge of an existing admin account to access the device as a valid admin via an authentication bypass. • https://fortiguard.fortinet.com/psirt/FG-IR-24-472 • CWE-306: Missing Authentication for Critical Function •