Vulnerabilities > Fortinet > Fortios > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-24 | CVE-2020-12812 | Improper Handling of Case Sensitivity vulnerability in Fortinet Fortios An improper authentication vulnerability in SSL VPN in FortiOS 6.4.0, 6.2.0 to 6.2.3, 6.0.9 and below may result in a user being able to log in successfully without being prompted for the second factor of authentication (FortiToken) if they changed the case of their username. | 9.8 |
| 2019-06-04 | CVE-2018-13379 | Path Traversal vulnerability in Fortinet Fortios and Fortiproxy An Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to download system files via special crafted HTTP resource requests. | 9.8 |
| 2019-02-08 | CVE-2018-1352 | Use of Externally-Controlled Format String vulnerability in Fortinet Fortios 5.6.0 A format string vulnerability in Fortinet FortiOS 5.6.0 allows attacker to execute unauthorized code or commands via the SSH username variable. | 9.8 |
| 2016-08-24 | CVE-2016-6909 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Fortinet Fortios and Fortiswitch Buffer overflow in the Cookie parser in Fortinet FortiOS 4.x before 4.1.11, 4.2.x before 4.2.13, and 4.3.x before 4.3.9 and FortiSwitch before 3.4.3 allows remote attackers to execute arbitrary code via a crafted HTTP request, aka EGREGIOUSBLUNDER. | 9.8 |
| 2016-01-15 | CVE-2016-1909 | Permissions, Privileges, and Access Controls vulnerability in Fortinet Fortios Fortinet FortiAnalyzer before 5.0.12 and 5.2.x before 5.2.5; FortiSwitch 3.3.x before 3.3.3; FortiCache 3.0.x before 3.0.8; and FortiOS 4.1.x before 4.1.11, 4.2.x before 4.2.16, 4.3.x before 4.3.17 and 5.0.x before 5.0.8 have a hardcoded passphrase for the Fortimanager_Access account, which allows remote attackers to obtain administrative access via an SSH session. | 9.8 |