CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Fortinet : Security Vulnerabilities

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2021-44168 494 Exec Code 2022-01-04 2022-01-12
4.6
None Local Low Not required Partial Partial Partial
A download of code without integrity check vulnerability in the "execute restore src-vis" command of FortiOS before 7.0.3 may allow a local authenticated attacker to download arbitrary files on the device via specially crafted update packages.
2 CVE-2021-43204 DoS 2021-12-09 2021-12-10
4.9
None Local Low Not required None None Complete
A improper control of a resource through its lifetime in Fortinet FortiClientWindows version 6.4.1 and 6.4.0, version 6.2.9 and below, version 6.0.10 and below allows attacker to cause a complete denial of service of its components via changes of directory access permissions.
3 CVE-2021-43071 787 Exec Code Overflow 2021-12-09 2021-12-10
6.5
None Remote Low ??? Partial Partial Partial
A heap-based buffer overflow in Fortinet FortiWeb version 6.4.1 and 6.4.0, version 6.3.15 and below, version 6.2.6 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests to the LogReport API controller.
4 CVE-2021-43068 287 Bypass 2021-12-09 2021-12-10
5.5
None Remote Low ??? Partial Partial None
A improper authentication in Fortinet FortiAuthenticator version 6.4.0 allows user to bypass the second factor of authentication via a RADIUS login portal.
5 CVE-2021-43067 200 +Info 2021-12-08 2021-12-09
4.3
None Remote Medium Not required Partial None None
A exposure of sensitive information to an unauthorized actor in Fortinet FortiAuthenticator version 6.4.0, version 6.3.2 and below, version 6.2.1 and below, version 6.1.2 and below, version 6.0.7 to 6.0.1 allows attacker to duplicate a target LDAP user 2 factors authentication token via crafted HTTP requests.
6 CVE-2021-43065 732 +Priv 2021-12-09 2021-12-10
7.2
None Local Low Not required Complete Complete Complete
A incorrect permission assignment for critical resource in Fortinet FortiNAC version 9.2.0, version 9.1.3 and below, version 8.8.9 and below allows attacker to gain higher privileges via the access to sensitive system data.
7 CVE-2021-43064 601 2021-12-08 2021-12-09
5.8
None Remote Medium Not required Partial Partial None
A url redirection to untrusted site ('open redirect') in Fortinet FortiWeb version 6.4.1 and 6.4.0, version 6.3.15 and below, version 6.2.6 and below allows attacker to use the device as a proxy and reach external or protected hosts via redirection handlers.
8 CVE-2021-43063 79 Exec Code XSS 2021-12-08 2021-12-09
4.3
None Remote Medium Not required None Partial None
A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiWeb version 6.4.1 and 6.4.0, version 6.3.15 and below, version 6.2.6 and below allows attacker to execute unauthorized code or commands via crafted HTTP GET requests to the login webpage.
9 CVE-2021-42760 89 Sql 2021-12-08 2021-12-09
7.5
None Remote Low Not required Partial Partial Partial
A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiWLM version 8.6.1 and below allows attacker to disclose sensitive information from DB tables via crafted requests.
10 CVE-2021-42757 120 Exec Code Overflow 2021-12-08 2021-12-09
4.6
None Local Low Not required Partial Partial Partial
A buffer overflow [CWE-121] in the TFTP client library of FortiOS before 6.4.7 and FortiOS 7.0.0 through 7.0.2, may allow an authenticated local attacker to achieve arbitrary code execution via specially crafted command line arguments.
11 CVE-2021-42754 94 2021-11-02 2021-11-04
3.5
None Remote Medium ??? None Partial None
An improper control of generation of code vulnerability [CWE-94] in FortiClientMacOS versions 7.0.0 and below and 6.4.5 and below may allow an authenticated attacker to hijack the MacOS camera without the user permission via the malicious dylib file.
12 CVE-2021-42752 79 Exec Code XSS 2021-12-08 2021-12-09
3.5
None Remote Medium ??? None Partial None
A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiWLM version 8.6.1 and below allows attacker to execute malicious javascript code on victim's host via crafted HTTP requests
13 CVE-2021-41030 294 Bypass 2021-12-08 2021-12-10
6.4
None Remote Low Not required Partial Partial None
An authentication bypass by capture-replay vulnerability [CWE-294] in FortiClient EMS versions 7.0.1 and below and 6.4.4 and below may allow an unauthenticated attacker to impersonate an existing user by intercepting and re-using valid SAML authentication messages.
14 CVE-2021-41029 79 XSS 2021-12-08 2021-12-09
3.5
None Remote Medium ??? None Partial None
A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiWLM version 8.6.1 and below allows attacker to store malicious javascript code in the device and trigger it via crafted HTTP requests
15 CVE-2021-41028 798 2021-12-16 2022-01-04
5.4
None Local Network Medium Not required Partial Partial Partial
A combination of a use of hard-coded cryptographic key vulnerability [CWE-321] in FortiClientEMS 7.0.1 and below, 6.4.6 and below and an improper certificate validation vulnerability [CWE-297] in FortiClientWindows, FortiClientLinux and FortiClientMac 7.0.1 and below, 6.4.6 and below may allow an unauthenticated and network adjacent attacker to perform a man-in-the-middle attack between the EMS and the FCT via the telemetry protocol.
16 CVE-2021-41027 787 Exec Code Overflow 2021-12-08 2021-12-09
4.6
None Local Low Not required Partial Partial Partial
A stack-based buffer overflow in Fortinet FortiWeb version 6.4.1 and 6.4.0, allows an authenticated attacker to execute unauthorized code or commands via crafted certificates loaded into the device.
17 CVE-2021-41025 362 Bypass 2021-12-08 2021-12-10
7.5
None Remote Low Not required Partial Partial Partial
Multiple vulnerabilities in the authentication mechanism of confd in FortiWeb versions 6.4.1, 6.4.0, 6.3.0 through 6.3.15, 6.2.0 through 6.2.6, 6.1.0 through 6.1.2, 6.0.0 thorugh 6.0.7, including an instance of concurrent execution using shared resource with improper synchronization and one of authentication bypass by capture-replay, may allow a remote unauthenticated attacker to circumvent the authentication process and authenticate as a legitimate cluster peer.
18 CVE-2021-41024 22 Dir. Trav. 2021-12-08 2021-12-09
5.0
None Remote Low Not required Partial None None
A relative path traversal [CWE-23] vulnerabiltiy in FortiOS versions 7.0.0 and 7.0.1 and FortiProxy verison 7.0.0 may allow an unauthenticated, unauthorized attacker to inject path traversal character sequences to disclose sensitive information of the server via the GET request of the login page.
19 CVE-2021-41021 269 2021-12-08 2021-12-10
7.2
None Local Low Not required Complete Complete Complete
A privilege escalation vulnerability in FortiNAC versions 8.8.8 and below and 9.1.2 and below may allow an admin user to escalate the privileges to root via the sudo command.
20 CVE-2021-41019 295 2021-11-02 2021-11-04
4.3
None Remote Medium Not required Partial None None
An improper validation of certificate with host mismatch [CWE-297] vulnerability in FortiOS versions 6.4.6 and below may allow the connection to a malicious LDAP server via options in GUI, leading to disclosure of sensitive information, such as AD credentials.
21 CVE-2021-41017 787 Exec Code Overflow 2021-12-08 2021-12-10
6.5
None Remote Low ??? Partial Partial Partial
Multiple heap-based buffer overflow vulnerabilities in some web API controllers of FortiWeb 6.4.1, 6.4.0, and 6.3.0 through 6.3.15 may allow a remote authenticated attacker to execute arbitrary code or commands via specifically crafted HTTP requests.
22 CVE-2021-41015 79 Exec Code XSS 2021-12-08 2021-12-09
4.3
None Remote Medium Not required None Partial None
A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiWeb version 6.4.1 and below, 6.3.15 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests to SAML login handler
23 CVE-2021-41014 400 2021-12-08 2021-12-09
5.0
None Remote Low Not required None None Partial
A uncontrolled resource consumption in Fortinet FortiWeb version 6.4.1 and below, 6.3.15 and below allows an unauthenticated attacker to make the httpsd daemon unresponsive via huge HTTP packets
24 CVE-2021-41013 863 2021-12-08 2021-12-10
5.0
None Remote Low Not required Partial None None
An improper access control vulnerability [CWE-284] in FortiWeb versions 6.4.1 and below and 6.3.15 and below in the Report Browse section of Log & Report may allow an unauthorized and unauthenticated user to access the Log reports via their URLs.
25 CVE-2021-36194 787 Exec Code Overflow 2021-12-09 2021-12-10
6.5
None Remote Low ??? Partial Partial Partial
Multiple stack-based buffer overflows in the API controllers of FortiWeb 6.4.1, 6.4.0, and 6.3.0 through 6.3.15 may allow an authenticated attacker to achieve arbitrary code execution via specially crafted requests.
26 CVE-2021-36192 668 2021-11-03 2021-11-05
2.1
None Local Low Not required Partial None None
An exposure of sensitive information to an unauthorized actor [CWE-200] vulnerability in FortiManager 7.0.1 and below, 6.4.6 and below, 6.2.x, 6.0.x, 5.6.0 may allow a FortiGate user to see scripts from other ADOMS.
27 CVE-2021-36191 601 2021-12-08 2021-12-15
4.9
None Remote Medium ??? Partial Partial None
A url redirection to untrusted site ('open redirect') in Fortinet FortiWeb version 6.4.1 and below, 6.3.15 and below allows attacker to use the device as proxy via crafted GET parameters in requests to error handlers
28 CVE-2021-36190 610 2021-12-08 2021-12-09
6.5
None Remote Low ??? Partial Partial Partial
A unintended proxy or intermediary ('confused deputy') in Fortinet FortiWeb version 6.4.1 and below, 6.3.15 and below allows an unauthenticated attacker to access protected hosts via crafted HTTP requests.
29 CVE-2021-36189 311 2021-12-09 2021-12-10
4.0
None Remote Low ??? Partial None None
A missing encryption of sensitive data in Fortinet FortiClientEMS version 7.0.1 and below, version 6.4.4 and below allows attacker to information disclosure via inspecting browser decrypted data
30 CVE-2021-36188 79 Exec Code XSS 2021-12-08 2021-12-10
4.3
None Remote Medium Not required None Partial None
A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiWeb version 6.4.1 and below, 6.3.15 and below allows attacker to execute unauthorized code or commands via crafted GET parameters in requests to login and error handlers
31 CVE-2021-36187 400 DoS 2021-11-02 2021-11-04
5.0
None Remote Low Not required None None Partial
A uncontrolled resource consumption in Fortinet FortiWeb version 6.4.0, version 6.3.15 and below, 6.2.5 and below allows attacker to cause a denial of service for webserver daemon via crafted HTTP requests
32 CVE-2021-36186 787 Exec Code Overflow 2021-11-02 2021-11-04
7.5
None Remote Low Not required Partial Partial Partial
A stack-based buffer overflow in Fortinet FortiWeb version 6.4.0, version 6.3.15 and below, 6.2.5 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests
33 CVE-2021-36185 78 Exec Code 2021-11-02 2021-11-04
6.5
None Remote Low ??? Partial Partial Partial
A improper neutralization of special elements used in an OS command ('OS Command Injection') in Fortinet FortiWLM version 8.6.1 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests.
34 CVE-2021-36184 89 Sql 2021-11-02 2021-11-04
4.0
None Remote Low ??? Partial None None
A improper neutralization of Special Elements used in an SQL Command ('SQL Injection') in Fortinet FortiWLM version 8.6.1 and below allows attacker to disclosure device, users and database information via crafted HTTP requests.
35 CVE-2021-36183 863 2021-11-02 2021-11-04
7.2
None Local Low Not required Complete Complete Complete
An improper authorization vulnerability [CWE-285] in FortiClient for Windows versions 7.0.1 and below and 6.4.2 and below may allow a local unprivileged attacker to escalate their privileges to SYSTEM via the named pipe responsible for Forticlient updates.
36 CVE-2021-36182 78 Exec Code 2021-09-08 2021-09-14
6.5
None Remote Low ??? Partial Partial Partial
A Improper neutralization of special elements used in a command ('Command Injection') in Fortinet FortiWeb version 6.3.13 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests
37 CVE-2021-36181 362 2021-11-02 2021-11-04
3.5
None Remote Medium ??? None Partial None
A concurrent execution using shared resource with improper Synchronization vulnerability ('Race Condition') in the customer database interface of FortiPortal before 6.0.6 may allow an authenticated, low-privilege user to bring the underlying database data into an inconsistent state via specific coordination of web requests.
38 CVE-2021-36180 77 Exec Code 2021-12-08 2021-12-09
6.5
None Remote Low ??? Partial Partial Partial
Multiple improper neutralization of special elements used in a command vulnerabilities [CWE-77] in FortiWeb management interface 6.4.1 and below, 6.3.15 and below, 6.2.5 and below may allow an authenticated attacker to execute unauthorized code or commands via crafted parameters of HTTP requests.
39 CVE-2021-36179 787 Exec Code Overflow 2021-09-08 2021-09-14
6.5
None Remote Low ??? Partial Partial Partial
A stack-based buffer overflow in Fortinet FortiWeb version 6.3.14 and below, 6.2.4 and below allows attacker to execute unauthorized code or commands via crafted parameters in CLI command execution
40 CVE-2021-36178 522 2021-10-06 2021-10-14
4.0
None Remote Low ??? Partial None None
A insufficiently protected credentials in Fortinet FortiSDNConnector version 1.1.7 and below allows attacker to disclose third-party devices credential information via configuration page lookup.
41 CVE-2021-36176 79 DoS XSS 2021-11-02 2021-11-04
4.3
None Remote Medium Not required None Partial None
Multiple uncontrolled resource consumption vulnerabilities in the web interface of FortiPortal before 6.0.6 may allow a single low-privileged user to induce a denial of service via multiple HTTP requests.
42 CVE-2021-36175 79 XSS 2021-10-06 2021-10-14
3.5
None Remote Medium ??? None Partial None
An improper neutralization of input vulnerability [CWE-79] in FortiWebManager versions 6.2.3 and below, 6.0.2 and below may allow a remote authenticated attacker to inject malicious script/tags via the name/description/comments parameter of various sections of the device.
43 CVE-2021-36174 770 DoS 2021-11-02 2021-11-04
5.0
None Remote Low Not required None None Partial
A memory allocation with excessive size value vulnerability in the license verification function of FortiPortal before 6.0.6 may allow an attacker to perform a denial of service attack via specially crafted license blobs.
44 CVE-2021-36172 611 DoS 2021-11-02 2021-11-04
6.4
None Remote Low Not required Partial None Partial
An improper restriction of XML external entity reference vulnerability in the parser of XML responses of FortiPortal before 6.0.6 may allow an attacker who controls the producer of XML reports consumed by FortiPortal to trigger a denial of service or read arbitrary files from the underlying file system by means of specifically crafted XML documents.
45 CVE-2021-36170 522 2021-10-06 2021-10-14
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability [CWE-200] in FortiAnalyzerVM and FortiManagerVM versions 7.0.0 and 6.4.6 and below may allow an authenticated attacker to read the FortiCloud credentials which were used to activate the trial license in cleartext.
46 CVE-2021-36169 863 Exec Code 2021-12-13 2021-12-17
6.6
None Local Low Not required Complete Complete None
A Hidden Functionality in Fortinet FortiOS 7.x before 7.0.1, FortiOS 6.4.x before 6.4.7 allows attacker to Execute unauthorized code or commands via specific hex read/write operations.
47 CVE-2021-36168 22 Dir. Trav. 2021-08-04 2021-08-10
4.0
None Remote Low ??? Partial None None
A Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Fortinet FortiPortal 6.x before 6.0.5, FortiPortal 5.3.x before 5.3.6 and any FortiPortal before 6.2.5 allows authenticated attacker to disclosure information via crafted GET request with malicious parameter values.
48 CVE-2021-36167 863 Bypass 2021-12-09 2021-12-10
5.0
None Remote Low Not required None Partial None
An improper authorization vulnerabiltiy [CWE-285] in FortiClient Windows versions 7.0.0 and 6.4.6 and below and 6.2.8 and below may allow an unauthenticated attacker to bypass the webfilter control via modifying the session-id paramater.
49 CVE-2021-32603 918 2021-08-05 2021-08-12
4.0
None Remote Low ??? Partial None None
A server-side request forgery (SSRF) (CWE-918) vulnerability in FortiManager and FortiAnalyser GUI 7.0.0, 6.4.5 and below, 6.2.7 and below, 6.0.11 and below, 5.6.11 and below may allow a remote and authenticated attacker to access unauthorized files and services on the system via specifically crafted web requests.
50 CVE-2021-32602 79 XSS 2021-08-19 2021-08-25
4.3
None Remote Medium Not required None Partial None
An improper neutralization of input during web page generation vulnerability (CWE-79) in FortiPortal GUI 6.0.4 and below, 5.3.6 and below, 5.2.6 and below, 5.1.2 and below, 5.0.3 and below, 4.2.2 and below, 4.1.2 and below, 4.0.4 and below may allow a remote and unauthenticated attacker to perform an XSS attack via sending a crafted request with an invalid lang parameter or with an invalid org.springframework.web.servlet.i18n.CookieLocaleResolver.LOCALE value.
Total number of vulnerabilities : 326   Page : 1 (This Page)2 3 4 5 6 7
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.