Vulnerabilidades en Fortinet
933 resultadosCVE-2025-66178MEDIUMA improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiWeb 8.0.0 througEPSS 1.7%CVE-2021-32590CRITICALMultiple improper neutralization of special elements used in an SQL command vulnerabilities in FortiPortal 6.0.0 through 6.0.4, 5.3.0 througEPSS 1.7%CVE-2024-48889HIGHAn Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78] in FortiManager versionEPSS 1.7%CVE-2021-26112HIGHMultiple stack-based buffer overflow vulnerabilities [CWE-121] both in network daemons and in the command line interpreter of FortiWAN beforEPSS 1.6%CVE-2021-43075HIGHA improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiWLM version 8.6.2 and below, vEPSS 1.6%CVE-2019-17656MEDIUMA Stack-based Buffer Overflow vulnerability in the HTTPD daemon of FortiOS 6.0.10 and below, 6.2.2 and below and FortiProxy 1.0.x, 1.1.x, 1.EPSS 1.6%CVE-2021-36186HIGHA stack-based buffer overflow in Fortinet FortiWeb version 6.4.0, version 6.3.15 and below, 6.2.5 and below allows attacker to execute unautEPSS 1.6%CVE-2021-41024HIGHA relative path traversal [CWE-23] vulnerabiltiy in FortiOS versions 7.0.0 and 7.0.1 and FortiProxy verison 7.0.0 may allow an unauthenticatEPSS 1.6%CVE-2022-29061HIGHAn improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiSOAR bEPSS 1.5%CVE-2016-7542—A read-only administrator on Fortinet devices with FortiOS 5.2.x before 5.2.10 GA and 5.4.x before 5.4.2 GA may have access to read-write adEPSS 1.5%CVE-2021-36179HIGHA stack-based buffer overflow in Fortinet FortiWeb version 6.3.14 and below, 6.2.4 and below allows attacker to execute unauthorized code orEPSS 1.5%CVE-2021-44171CRITICALA improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiOS version 6.0.0 through 6.0.1EPSS 1.5%CVE-2025-64153MEDIUMA improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiExtender 7.6.0 through 7.6.3, EPSS 1.5%CVE-2023-45590CRITICALAn improper control of generation of code ('code injection') in Fortinet FortiClientLinux version 7.2.0, 7.0.6 through 7.0.10 and 7.0.3 throEPSS 1.5%CVE-2020-6649—An insufficient session expiration vulnerability in FortiNet's FortiIsolator version 2.0.1 and below may allow an attacker to reuse the unexEPSS 1.5%CVE-2016-8491—The presence of a hardcoded account named 'core' in Fortinet FortiWLC allows attackers to gain unauthorized read/write access via a remote sEPSS 1.5%CVE-2023-25607HIGHAn improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78 ] in FortiManager 7.2.0 EPSS 1.5%CVE-2021-26114CRITICALMultiple improper neutralization of special elements used in an SQL command vulnerabilities in FortiWAN before 4.5.9 may allow an unauthentiEPSS 1.5%CVE-2022-27489HIGHA improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiExtender 7.0.0 through 7.0.3, EPSS 1.5%CVE-2016-8494—Insufficient verification of uploaded files allows attackers with webui administrators privileges to perform arbitrary code execution by uplEPSS 1.5%