Fortinet - CVE CyberSecurity Database News

Mar 12, 2024 Exploit Fortinet FortiOS

CVE-2023-42790 - Understanding and Exploiting a Stack-Based Buffer Overflow in Fortinet FortiOS and FortiProxy

CVE-2023-42790 is a critical security vulnerability that affects various versions of Fortinet’s FortiOS and FortiProxy products. The flaw is a stack-based buffer overflow—one

Mar 12, 2024 RCE Fortinet FortiProxy

CVE-2023-42789 - How a Fortinet Out-of-Bounds Write Leads to Remote Code Execution

Fortinet devices are widely used to secure enterprise networks, making them attractive targets for attackers. In late 2023, a critical vulnerability (CVE-2023-42789) was disclosed that

Mar 12, 2024 API SQL PHP Fortinet FortiClientEMS

CVE-2023-48788 - Understanding and Exploiting the SQL Injection Vulnerability in Fortinet FortiClientEMS

--- Introduction In late 2023, security researchers discovered a critical SQL injection vulnerability in Fortinet FortiClientEMS, a popular enterprise endpoint management software. This flaw, tracked

Feb 22, 2024 API Fortinet FortiOS

CVE-2023-29181 - Exploiting Fortinet FortiOS, FortiProxy & FortiPAM via Format String Flaw

--- Summary: CVE-2023-29181 is a critical vulnerability found in multiple versions of Fortinet FortiOS, FortiProxy, and FortiPAM. The flaw is caused by unsafe use of

Feb 22, 2024 Exploit Fortinet FortiProxy

CVE-2023-29180 - How a Null Pointer Dereference in Fortinet FortiOS and FortiProxy Leads to Denial of Service

Fortinet is a well-known vendor when it comes to network security appliances. Their FortiOS is widely deployed in firewalls, VPNs, and other security gateways. However,