Category: Fortinet PSIRT Advisories

A stack-based buffer overflow vulnerability in FortiWeb may allow a remote, unauthenticated attacker to crash the httpd daemon thread by sending a request with a crafted cookie header.

A blind SQL injection in the user interface of FortiWeb may allow an unauthenticated, remote attacker to execute arbitrary SQL queries or commands by sending a request with a crafted Authorization header containing a malicious...

An OS command injection vulnerability in FortiDeceptor may allow a remote authenticated attacker to execute arbitrary commands on the system by exploiting a command injection vulnerability on the Customization page.

A format string vulnerability in FortiWeb may allow an authenticated, remote attacker to read the content of memory and retrieve sensitive data via the redir parameter.

A stack-based buffer overflow vulnerability in FortiWeb may allow a remote, authenticated attacker to crash the httpd daemon thread by sending a request with a crafted cookie header.

A stack-based buffer overflow vulnerability in FortiWeb may allow an unauthenticated, remote attacker to overwrite the content of the stack and potentially execute arbitrary code by sending a crafted request with a large...

A blind SQL injection in the user interface of FortiWeb may allow an unauthenticated, remote attacker to execute arbitrary SQL queries or commands by sending a request with a crafted Authorization header containing a malicious...

An exposure of sensitive information to an unauthorized actor vulnerability in FortiGate may allow a remote authenticated attacker to read the SSL VPN events log entries of users in other VDOMs by  executing “get vpn ssl...