Vulnerabilidades em Fortinet
933 resultadosCVE-2023-23777HIGHAn improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in FortiWeb version 7.0EPSS 1.3%CVE-2024-33508MEDIUMAn improper neutralization of special elements used in a command ('Command Injection') vulnerability [CWE-77] in Fortinet FortiClientEMS 7.2EPSS 1.3%CVE-2022-33869HIGHAn improper neutralization of special elements used in an OS command vulnerability [CWE-78] in the management interface of FortiWAN 4.0.0 thEPSS 1.3%CVE-2017-7733—A Cross-Site-Scripting (XSS) vulnerability in Fortinet FortiOS 5.4.0 to 5.4.5 and 5.6.0 allows a remote unauthenticated attacker to execute EPSS 1.3%CVE-2022-41331CRITICALA missing authentication for critical function vulnerability [CWE-306] in FortiPresence infrastructure server before version 1.2.1 allows a EPSS 1.3%CVE-2023-36641MEDIUMA numeric truncation error in Fortinet FortiProxy version 7.2.0 through 7.2.4, FortiProxy version 7.0.0 through 7.0.10, FortiProxy 2.0 all vEPSS 1.3%CVE-2023-48791HIGHAn improper neutralization of special elements used in a command ('Command Injection') vulnerability [CWE-77] in FortiPortal version 7.2.0, EPSS 1.3%CVE-2019-15705—An Improper Input Validation vulnerability in the SSL VPN portal of FortiOS versions 6.2.1 and below, and 6.0.6 and below may allow an unautEPSS 1.3%CVE-2023-44247MEDIUMA double free vulnerability [CWE-415] vulnerability in Fortinet FortiOS 6.4 all versions may allow a privileged attacker to execute code or EPSS 1.3%CVE-2024-33502MEDIUMAn improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiManager, FortiAnalyzer versions 7.4.0 thrEPSS 1.2%CVE-2025-31104HIGHAn Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78] in FortiADC 7.6.0 throuEPSS 1.2%CVE-2025-24470HIGHAn Improper Resolution of Path Equivalence vulnerability [CWE-41] in FortiPortal 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0EPSS 1.2%CVE-2023-44256MEDIUMA server-side request forgery vulnerability [CWE-918] in Fortinet FortiAnalyzer version 7.4.0, version 7.2.0 through 7.2.3 and before 7.0.8 EPSS 1.2%CVE-2021-43071HIGHA heap-based buffer overflow in Fortinet FortiWeb version 6.4.1 and 6.4.0, version 6.3.15 and below, version 6.2.6 and below allows attackerEPSS 1.2%CVE-2022-27491MEDIUMA improper verification of source of a communication channel in Fortinet FortiOS with IPS engine version 7.201 through 7.214, 7.001 through EPSS 1.2%CVE-2022-23443HIGHAn improper access control in Fortinet FortiSOAR before 7.2.0 allows unauthenticated attackers to access gateway API data via crafted HTTP GEPSS 1.2%CVE-2021-26097HIGHAn improper neutralization of special elements used in an OS Command vulnerability in FortiSandbox 3.2.0 through 3.2.2, 3.1.0 through 3.1.4,EPSS 1.2%CVE-2024-23671HIGHA improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fortinet FortiSandbox 4.4.0 through 4.4.3,EPSS 1.2%CVE-2021-24015HIGHAn improper neutralization of special elements used in an OS Command vulnerability in the administrative interface of FortiMail before 6.4.4EPSS 1.2%CVE-2020-12816—An improper neutralization of input vulnerability in FortiNAC before 8.7.2 may allow a remote authenticated attacker to perform a stored croEPSS 1.2%