Fortinet: Security Vulnerabilities
Lack of root file system integrity checking in Fortinet FortiManager VM application images of 6.2.0, 6.0.6 and below may allow an attacker to implant third-party programs by recreating the image through specific methods.
CVSS Score
9.8
EPSS Score
0.003
Published
2019-08-23
An information exposure vulnerability in FortiOS 6.2.3, 6.2.0 and below may allow an unauthenticated attacker to gain platform information such as version, models, via parsing a JavaScript file through admin webUI.
CVSS Score
5.3
EPSS Score
0.003
Published
2019-08-23
Multiple padding oracle vulnerabilities (Zombie POODLE, GOLDENDOODLE, OpenSSL 0-length) in the CBC padding implementation of FortiOS IPS engine version 5.000 to 5.006, 4.000 to 4.036, 4.200 to 4.219, 3.547 and below, when configured with SSL Deep Inspection policies and with the IPS sensor enabled, may allow an attacker to decipher TLS connections going through the FortiGate via monitoring the traffic in a Man-in-the-middle position.
CVSS Score
5.9
EPSS Score
0.001
Published
2019-08-23
Use of Hard-coded Credentials vulnerability in FortiRecorder all versions below 2.7.4 may allow an unauthenticated attacker with knowledge of the aforementioned credentials and network access to FortiCameras to take control of those, provided they are managed by a FortiRecorder device.
CVSS Score
9.8
EPSS Score
0.01
Published
2019-08-23
Dynacolor FCM-MB40 v1.2.0.0 use /etc/appWeb/appweb.pass to store administrative web-interface credentials in cleartext. These credentials can be retrieved via cgi-bin/getuserinfo.cgi?mode=info.
CVSS Score
9.8
EPSS Score
0.004
Published
2019-07-08
Dynacolor FCM-MB40 v1.2.0.0 devices have CSRF in all scripts under cgi-bin/.
CVSS Score
8.8
EPSS Score
0.001
Published
2019-07-08
/usr/sbin/default.sh and /usr/apache/htdocs/cgi-bin/admin/hardfactorydefault.cgi on Dynacolor FCM-MB40 v1.2.0.0 devices implement an incomplete factory-reset process. A backdoor can persist because neither system accounts nor the set of services is reset.
CVSS Score
8.8
EPSS Score
0.004
Published
2019-07-08
Dynacolor FCM-MB40 v1.2.0.0 devices allow remote attackers to execute arbitrary commands via a crafted parameter to a CGI script, as demonstrated by sed injection in cgi-bin/camctrl_save_profile.cgi (save parameter) and cgi-bin/ddns.cgi.
CVSS Score
7.2
EPSS Score
0.033
Published
2019-07-08
Dynacolor FCM-MB40 v1.2.0.0 devices have a hard-coded SSL/TLS key that is used during an administrator's SSL conversation.
CVSS Score
5.9
EPSS Score
0.004
Published
2019-07-08
A reflected Cross-Site-Scripting (XSS) vulnerability in Fortinet FortiOS 5.2.0 to 5.6.10, 6.0.0 to 6.0.4 under SSL VPN web portal may allow an attacker to execute unauthorized malicious script code via the "param" parameter of the error process HTTP requests.
CVSS Score
6.1
EPSS Score
0.003
Published
2019-06-04