Fortinet: >> Fortios >> 7.2.6 Security Vulnerabilities
A improper restriction of communication channel to intended endpoints vulnerability [CWE-923] in Fortinet FortiOS version 7.4.0 through 7.4.4, 7.2.0 through 7.2.8, 7.0.0 through 7.0.15, 6.4.0 through 6.4.15 and before 6.2.16, Fortinet FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.9 and before 7.0.15, Fortinet FortiManager version 7.4.0 through 7.4.2, 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.14 and before 6.2.13, Fortinet FortiAnalyzer version 7.4.0 through 7.4.2, 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.14 and before 6.2.13, Fortinet FortiVoice version 7.0.0 through 7.0.2 before 6.4.8 and Fortinet FortiWeb before 7.4.2 may allow an unauthenticated attacker in a man-in-the-middle position to impersonate the management device (FortiCloud server or/and in certain conditions, FortiManager), via intercepting the FGFM authentication request between the management device and the managed device
CVSS Score
7.5
EPSS Score
0.001
Published
2025-04-08
An improper neutralization of input during web page Generation vulnerability [CWE-79] in FortiOS version 7.4.3 and below, version 7.2.7 and below, version 7.0.13 and below and FortiProxy version 7.4.3 and below, version 7.2.9 and below, version 7.0.16 and below web SSL VPN UI may allow a remote unauthenticated attacker to perform a Cross-Site Scripting attack via a malicious samba server.
CVSS Score
7.5
EPSS Score
0.005
Published
2025-03-14
A use of externally-controlled format string vulnerability [CWE-134] in FortiOS version 7.4.0 through 7.4.4, version 7.2.0 through 7.2.9, version 7.0.0 through 7.0.15 and before 6.4.15, FortiProxy version 7.4.0 through 7.4.6, version 7.2.0 through 7.2.12 and before 7.0.19, FortiPAM version 1.4.0 through 1.4.2 and before 1.3.1, FortiSRA version 1.4.0 through 1.4.2 and before 1.3.1 and FortiWeb version 7.4.0 through 7.4.5, version 7.2.0 through 7.2.10 and before 7.0.10 allows a privileged attacker to execute unauthorized code or commands via specially crafted HTTP or HTTPS commands.
CVSS Score
7.2
EPSS Score
0.0
Published
2025-03-11
A stack-based buffer overflow [CWE-121] vulnerability in Fortinet FortiOS version 7.2.4 through 7.2.8 and version 7.4.0 through 7.4.4 allows a remote unauthenticated attacker to execute arbitrary code or commands via crafted UDP packets through the CAPWAP control, provided the attacker were able to evade FortiOS stack protections and provided the fabric service is running on the exposed interface.
CVSS Score
8.1
EPSS Score
0.002
Published
2025-02-11
An incorrect privilege assignment vulnerability [CWE-266] in Fortinet FortiOS version 7.6.0, 7.4.0 through 7.4.4, 7.2.0 through 7.2.9 and before 7.0.15 allows an authenticated admin whose access profile has the Security Fabric permission to escalate their privileges to super-admin by connecting the targetted FortiGate to a malicious upstream FortiGate they control.
CVSS Score
8.8
EPSS Score
0.001
Published
2025-02-11
A use of externally-controlled format string vulnerability [CWE-134] in Fortinet FortiOS version 7.4.0 through 7.4.1 and before 7.2.6, FortiProxy version 7.4.0 and before 7.2.7, FortiPAM version 1.1.2 and before 1.0.3, FortiSwitchManager version 7.2.0 through 7.2.2 and before 7.0.2 allows a privileged attacker to execute arbitrary code or commands via specially crafted requests.
CVSS Score
6.7
EPSS Score
0.0
Published
2025-02-11
An Improper Neutralization of CRLF Sequences in HTTP Headers ('http response splitting') vulnerability [CWE-113] in Fortinet FortiOS 7.2.0 through 7.6.0, FortiProxy 7.2.0 through 7.4.5 may allow a remote unauthenticated attacker to bypass the file filter via crafted HTTP headers.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-01-14
A weak authentication in Fortinet FortiOS versions 7.4.0 through 7.4.4, 7.2.0 through 7.2.8, 7.0.0 through 7.0.15, 6.4.0 through 6.4.15, FortiProxy versions 7.4.0 through 7.4.4, 7.2.0 through 7.2.10, 7.0.0 through 7.0.17, 2.0.0 through 2.0.14, FortiManager versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiManager Cloud versions 7.4.1 through 7.4.3, FortiAnalyzer Cloud versions 7.4.1 through 7.4.3 allows attacker to execute unauthorized code or commands via a brute-force attack.
CVSS Score
9.0
EPSS Score
0.002
Published
2025-01-14
A out-of-bounds write in Fortinet FortiOS versions 7.6.0, 7.4.0 through 7.4.6, 7.2.0 through 7.2.10, 7.0.0 through 7.0.16, 6.4.0 through 6.4.15 allows attacker to trigger a denial of service via specially crafted packets.
CVSS Score
3.7
EPSS Score
0.001
Published
2025-01-14
AnĀ Integer Overflow or Wraparound vulnerability [CWE-190] in version 7.4.4 and below, version 7.2.10 and below; FortiSASE version 23.4.b FortiOS tenant IPsec IKE service may allow an authenticated attacker to crash the IPsec tunnel via crafted requests, resulting in potential denial of service.
CVSS Score
3.5
EPSS Score
0.002
Published
2025-01-14