• 0 800 357272
  • Ця електронна адреса захищена від спам-ботів. Вам необхідно увімкнути JavaScript, щоб побачити її.
  • Пн-Пт 09:00-18:00

PSIRT Advisories

The following is a list of advisories for issues resolved in Fortinet products. The resolution of such issues is coordinated by the Fortinet Product Security Incident Response Team (PSIRT), a dedicated, global team that manages the receipt, investigation, and public reporting of information about security vulnerabilities and issues related to Fortinet products and services.

  1. SQL injection in forward module

    An Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability [CWE-89] in FortiManager and FortiAnalyzer may allow an authenticated attacker with high privilege to extract database information via crafted requests. Revised on 2025-07-09 00:00:00

  2. Access control bypass in logging component

    An improper access control vulnerability [CWE-284] in FortiIsolator logging component may allow a remote authenticated read-only attacker to alter logs via a crafted HTTP request. Revised on 2025-07-08 00:00:00

  3. Command injection vulnerability

    Two improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerabilities [CWE-78] in FortiVoice may allow a privileged attacker to execute arbitrary code or commands via crafted HTTP/HTTPS or CLI requests. Revised on 2025-07-08 00:00:00

  4. DNS type 65 resource record requests bypass DNS filter

    An Improperly Implemented Security Check for Standard vulnerability [CWE-358] in FortiOS and FortiProxy may allow a remote unauthenticated user to bypass the DNS filter via Apple devices. Revised on 2025-07-08 00:00:00

  5. Heap-based buffer overflow in cw_stad daemon

    A heap-based buffer overflow vulnerability [CWE-122] in FortiOS cw_stad daemon may allow an authenticated attacker to execute arbitrary code or commands via specifically crafted requests. Revised on 2025-07-08 00:00:00

  6. PKI via API: Authentication granted with an invalid certificate

    A missing critical step in authentication vulnerability [CWE-304] in FortiOS & FortiProxy may allow an API-user using api-key + PKI user certificate authentication to login even if the certificate is invalid Revised on 2025-07-08 00:00:00

  7. Session still active for deleted admin

    An insufficient session expiration vulnerability [CWE-613] in FortiSandbox & FortiIsolator may allow a remote attacker in possession of an admin session cookie to keep using that admin's session even after the admin user was deleted. Revised on 2025-07-08 00:00:00

  8. Unauthenticated SQL injection in GUI

    An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability [CWE-89] in FortiWeb may allow an unauthenticated attacker to execute unauthorized SQL code or commands via crafted HTTP or HTTPs requests. Revised on 2025-07-08 00:00:00

  9. Buffer overflow in fgfmd

    A stack-based overflow vulnerability [CWE-124] in FortiOS, FortiProxy, FortiPAM and FortiSwitchManager may allow a remote attacker to execute arbitrary code or command via crafted packets reaching the fgfmd daemon, under certain conditions which are outside the control of the attacker. Revised on 2025-06-23 00:00:00

  10. Blind SSRF in API

    A server-side request forgery vulnerability [CWE-918] in FortiClientEMS may allow an authenticated attacker to perform internal requests via crafted HTTP or HTTPS requests. Revised on 2025-06-10 00:00:00

  11. Firewall session injection in FGSP

    An improper restriction of communication channel to intended endpoints vulnerability [CWE-923] in FortiOS may allow an unauthenticated attacker to inject unauthorized sessions via crafted FGSP session synchronization packets. Revised on 2025-06-10 00:00:00

  12. IPsec improper validation of certificate with host mismatch

    An improper validation of certificate with host mismatch [CWE-297] vulnerability in FortiClient Windows may allow an unauthorized attacker to redirect VPN connections via DNS spoofing or another form of redirection Revised on 2025-06-10 00:00:00

  13. Improper Handling of Insufficient Permissions or Privileges in GUI websocket

    An Improper Handling of Insufficient Permissions or Privileges Vulnerability [CWE-280] in FortiPAM and FortiSRA GUI websocket could allow a low privileged user to access to a unauthorized resources via specially crafted http requests. Revised on 2025-06-10 00:00:00

  14. Information Disclosure on SSLVPN endpoint

    An Exposure of Sensitive Information to an Unauthorized Actor vulnerability [CWE-200] in FortiOS SSL-VPN web-mode may allow an authenticated user to access full SSL-VPN settings via crafted URL. Revised on 2025-06-10 00:00:00

  15. Insufficient Access Control Over API Endpoints

    An authorization bypass through user-controlled key vulnerability [CWE-639] in FortiPortal may allow an authenticated attacker to view unauthorized device information via key modification in API requests. Revised on 2025-06-10 00:00:00

  16. Insufficient Session Expiration in SSL-VPN cookie

    An Insufficient Session Expiration vulnerability [CWE-613] in FortiOS SSL-VPN may allow an attacker in possession of a cookie used to log in the SSL-VPN portal to log in again, although the session has expired or was logged out. Revised on 2025-06-10 00:00:00

  17. Multiple OS command injection in Web Vulnerability Scanner

    An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78] in FortiADC may allow an authenticated attacker to execute unauthorized code via crafted HTTP requests. Revised on 2025-06-10 00:00:00

  18. OS command injection

    An improper neutralization of special elements used in an os command ('OS Command Injection') vulnerability [CWE-78] in FortiManager, FortiAnalyzer & FortiAnalyzer-BigData may allow a local attacker with low privileges to execute unauthorized code via specifically crafted arguments to a CLI command Revised on 2025-06-10 00:00:00

  19. Privilege escalation in GUI websocket module

    An Improper Privilege Management vulnerability [CWE-269] affecting FortiOS, FortiProxy & FortiWeb may allow an authenticated attacker with at least read-only admin permissions to gain super-admin privileges via crafted requests to Node.js websocket module. Revised on 2025-06-10 00:00:00

  20. Privilege escalation in automation-stitch

    An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] in FortiOS and FortiProxy may allow an authenticated attacker to elevate their privileges via triggering a malicious Webhook action in the Automation Stitch component. Revised on 2025-06-10 00:00:00
© 2004 - 2025
USEDNET LLC
All Rights Reserved