Fortinet Fortiproxy vulnerabilities

CVE-2025-25248 [MEDIUM] CWE-190 CVE-2025-25248: An Integer Overflow or Wraparound vulnerability [CWE-190] in FortiOS version 7.6.2 and below, versio An Integer Overflow or Wraparound vulnerability [CWE-190] in FortiOS version 7.6.2 and below, version 7.4.7 and below, version 7.2.10 and below, 7.2 all versions, 6.4 all versions, FortiProxy version 7.6.2 and below, version 7.4.3 and below, 7.2 all versions, 7.0 all versions, 2.0 all versions and FortiPAM version 1.5.0, version 1.4.2 and below, 1.3

CVE-2024-52965 [HIGH] CWE-304 CVE-2024-52965: A missing critical step in authentication vulnerability [CWE-304] in Fortinet FortiOS version 7.6.0 A missing critical step in authentication vulnerability [CWE-304] in Fortinet FortiOS version 7.6.0 through 7.6.1, 7.4.0 through 7.4.5, 7.2.0 through 7.2.10, and before 7.0.16 & FortiProxy version 7.6.0 through 7.6.1, 7.4.0 through 7.4.8, 7.2.0 through 7.2.13 and before 7.0.20 allows an API-user using api-key + PKI user certificate authentication to lo

CVE-2024-55599 [MEDIUM] CWE-358 CVE-2024-55599: An Improperly Implemented Security Check for Standard vulnerability [CWE-358] in FortiOS version 7.6 An Improperly Implemented Security Check for Standard vulnerability [CWE-358] in FortiOS version 7.6.0, version 7.4.7 and below, 7.0 all versions, 6.4 all versions and FortiProxy version 7.6.1 and below, version 7.4.8 and below, 7.2 all versions, 7.0 all versions may allow a remote unauthenticated user to bypass the DNS filter via Apple devices.

CVE-2025-22254 [HIGH] CWE-269 CVE-2025-22254: An Improper Privilege Management vulnerability [CWE-269] vulnerability in Fortinet FortiOS 7.6.0 thr An Improper Privilege Management vulnerability [CWE-269] vulnerability in Fortinet FortiOS 7.6.0 through 7.6.1, FortiOS 7.4.0 through 7.4.6, FortiOS 7.2.0 through 7.2.10, FortiOS 7.0.0 through 7.0.16, FortiOS 6.4.0 through 6.4.15, FortiProxy 7.6.0 through 7.6.1, FortiProxy 7.4.0 through 7.4.7, FortiWeb 7.6.0 through 7.6.1, FortiWeb 7.4.0 through 7.4.6

CVE-2024-50568 [MEDIUM] CWE-300 CVE-2024-50568: A channel accessible by non-endpoint vulnerability [CWE-300] in Fortinet FortiOS version 7.4.0 throu A channel accessible by non-endpoint vulnerability [CWE-300] in Fortinet FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7 and before 7.0.14 & FortiProxy version 7.4.0 through 7.4.3, 7.2.0 through 7.2.9 and before 7.0.16 allows an unauthenticated attacker with the knowledge of device specific data to spoof the identity of a downstream device

CVE-2024-50562 [MEDIUM] CWE-613 CVE-2024-50562: An Insufficient Session Expiration vulnerability [CWE-613] in FortiOS SSL-VPN version 7.6.0, version An Insufficient Session Expiration vulnerability [CWE-613] in FortiOS SSL-VPN version 7.6.0, version 7.4.6 and below, version 7.2.10 and below, 7.0 all versions, 6.4 all versions may allow an attacker in possession of a cookie used to log in the SSL-VPN portal to log in again, although the session has expired or was logged out.

CVE-2023-29184 [LOW] CWE-459 CVE-2023-29184: An incomplete cleanup vulnerability [CWE-459] in FortiOS 7.2 all versions and before & FortiProxy v An incomplete cleanup vulnerability [CWE-459] in FortiOS 7.2 all versions and before & FortiProxy version 7.2.0 through 7.2.2 and before 7.0.8 allows a VDOM privileged attacker to add SSH key files on the system silently via crafted CLI requests.

CVE-2025-22252 [HIGH] CWE-306 CVE-2025-22252: A missing authentication for critical function in Fortinet FortiProxy versions 7.6.0 through 7.6.1, A missing authentication for critical function in Fortinet FortiProxy versions 7.6.0 through 7.6.1, FortiSwitchManager version 7.2.5, and FortiOS versions 7.4.4 through 7.4.6 and version 7.6.0 may allow an attacker with knowledge of an existing admin account to access the device as a valid admin via an authentication bypass.

CVE-2024-26013 [HIGH] CWE-923 CVE-2024-26013: A improper restriction of communication channel to intended endpoints vulnerability [CWE-923] in For A improper restriction of communication channel to intended endpoints vulnerability [CWE-923] in Fortinet FortiOS version 7.4.0 through 7.4.4, 7.2.0 through 7.2.8, 7.0.0 through 7.0.15, 6.4.0 through 6.4.15 and before 6.2.16, Fortinet FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.9 and before 7.0.15, Fortinet FortiManager version 7.4.0 thr

CVE-2023-37930 [HIGH] CWE-908 CVE-2023-37930: Multiple issues including the use of uninitialized ressources [CWE-908] and excessive iteration [CWE Multiple issues including the use of uninitialized ressources [CWE-908] and excessive iteration [CWE-834] vulnerabilities vulnerability in Fortinet allows a VPN user to corrupt memory potentially leading to code or commands execution via specifically crafted requests.

CVE-2024-50565 [HIGH] CWE-300 CVE-2024-50565: A improper restriction of communication channel to intended endpoints vulnerability [CWE-923] in For A improper restriction of communication channel to intended endpoints vulnerability [CWE-923] in Fortinet FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0.0 through 7.0.14, 6.4.0 through 6.4.15 and 6.2.0 through 6.2.16, Fortinet FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.9, 7.0.0 through 7.0.15 and 2.0.0 through 2.0.14, For

CVE-2023-25610 [CRITICAL] CWE-124 CVE-2023-25610: A buffer underwrite ('buffer underflow') vulnerability in the administrative interface of Fortinet F A buffer underwrite ('buffer underflow') vulnerability in the administrative interface of Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.6, version 6.4.0 through 6.4.11 and version 6.2.12 and below, FortiProxy version 7.2.0 through 7.2.2, version 7.0.0 through 7.0.8, version 2.0.12 and below and FortiOS-6K7K version 7.0.5,

CVE-2019-15706 [MEDIUM] CWE-79 CVE-2019-15706: An improper neutralization of input during web page generation in the SSL VPN portal of FortiProxy v An improper neutralization of input during web page generation in the SSL VPN portal of FortiProxy version 2.0.0, version 1.2.9 and below and FortiOS version 6.2.1 and below, version 6.0.8 and below, version 5.6.12 may allow a remote authenticated attacker to perform a stored cross site scripting attack (XSS).

CVE-2024-26006 [MEDIUM] CWE-79 CVE-2024-26006: An improper neutralization of input during web page Generation vulnerability [CWE-79] in FortiOS ver An improper neutralization of input during web page Generation vulnerability [CWE-79] in FortiOS version 7.4.3 and below, version 7.2.7 and below, version 7.0.13 and below and FortiProxy version 7.4.3 and below, version 7.2.9 and below, version 7.0.16 and below web SSL VPN UI may allow a remote unauthenticated attacker to perform a Cross-Site Scripti

CVE-2024-45324 [HIGH] CWE-134 CVE-2024-45324: A use of externally-controlled format string vulnerability [CWE-134] in FortiOS version 7.4.0 throug A use of externally-controlled format string vulnerability [CWE-134] in FortiOS version 7.4.0 through 7.4.4, version 7.2.0 through 7.2.9, version 7.0.0 through 7.0.15 and before 6.4.15, FortiProxy version 7.4.0 through 7.4.6, version 7.2.0 through 7.2.12 and before 7.0.19, FortiPAM version 1.4.0 through 1.4.2 and before 1.3.1, FortiSRA version 1.4.0 t

CVE-2025-24472 [HIGH] CWE-288 CVE-2025-24472: An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiO An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS 7.0.0 through 7.0.16 and FortiProxy 7.2.0 through 7.2.12, 7.0.0 through 7.0.19 may allow a remote unauthenticated attacker with prior knowledge of upstream and downstream devices serial numbers to gain super-admin privileges on the downstream device,

CVE-2023-40721 [MEDIUM] CWE-134 CVE-2023-40721: A use of externally-controlled format string vulnerability [CWE-134] vulnerability in Fortinet allo A use of externally-controlled format string vulnerability [CWE-134] vulnerability in Fortinet allows a privileged attacker to execute arbitrary code or commands via specially crafted requests.

CVE-2022-23439 [MEDIUM] CWE-610 CVE-2022-23439: A externally controlled reference to a resource in another sphere vulnerability in Fortinet allows A externally controlled reference to a resource in another sphere vulnerability in Fortinet allows attacker to poison web caches via crafted HTTP requests, where the `Host` header points to an arbitrary webserver

CVE-2024-48886 [CRITICAL] CWE-1390 CVE-2024-48886: A weak authentication in Fortinet FortiOS versions 7.4.0 through 7.4.4, 7.2.0 through 7.2.8, 7.0.0 t A weak authentication in Fortinet FortiOS versions 7.4.0 through 7.4.4, 7.2.0 through 7.2.8, 7.0.0 through 7.0.15, 6.4.0 through 6.4.15, FortiProxy versions 7.4.0 through 7.4.4, 7.2.0 through 7.2.10, 7.0.0 through 7.0.17, 2.0.0 through 2.0.14, FortiManager versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiManager Cloud versions 7.4.1 throug

CVE-2024-48884 [CRITICAL] CWE-22 CVE-2024-48884: A improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fo A improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fortinet FortiManager 7.6.0 through 7.6.1, FortiManager 7.4.1 through 7.4.3, FortiManager Cloud 7.4.1 through 7.4.3, FortiOS 7.6.0, FortiOS 7.4.0 through 7.4.4, FortiOS 7.2.0 through 7.2.9, FortiOS 7.0.0 through 7.0.15, FortiOS 6.4.0 through 6.4.15, Fo