PSIRT Advisories
PSIRT Advisories
- FortiWLC - Improper access control
- FortiWLC - Hardcoded root password
- Multiple Products - Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification (FragAttacks)
- FortiGate & FortiADC - Read-only admins can obtain the LDAP credentials configured in the FortiGate and FortiADC using the LDAP test connectivity feature
- FortiAuthenticator - Hard-coded cryptographic keys used to encrypt sensitive data
- FortiGate SSL VPN portal is vulnerable to an XSS
- FortiOS - Improper verification of the user certificate's chain of trust in FortiGate when connecting to SSL-VPN
- FortiProxy - Stack-based Buffer overflow vulnerability through the diagnose sys cpuset CLI command
- FortiProxy - Unauthenticated SSL VPN users password modification
- FortiProxy - system file leak through SSL VPN special crafted HTTP resource requests
- FortiSwitch - memory leak issue in lldpmedd daemon
- FortiWLC - Access of Uninitialized Pointer vulnerability
- FortiWLC - Multiple Buffer Overflow vulnerabilities
- FortiWLC - XSS vulnerability
- FortiWeb - OS command injection vulnerability
- Hardcoded root password in Meru AP
- Read-only admins can obtain LDAP credentials configured in FortiGate using LDAP test connectivity feature
- FortiAI - OS command injection due to improper input sanitization
- Privilege Escalation observed in FortiNAC by exploiting the SUDO privileges
- XSS vulnerability in FortiProxy SSLVPN Portal
- Authentication bypass in FortiWAN
- Clear-text insertion of user's passwords into log files
- FortiProxy - HTTPD is vulnerable to a Stack-based Buffer Overflow vulnerability
- The password configured in the FortiWeb's Web Vulnerability Scan profile is visible in cleartext.
- FortiProxy multiple pre-auth XSS vulnerabilities on SSL VPN
Do you like cookies? 🍪 I use cookies to ensure you get the best experience on my website. More cookies info