Known vulnerabilities in Fortinet, Inc FortiWeb 6.3.12

Vendor: Fortinet, Inc

Website: https://www.fortinet.com/

Total Security Bulletins: 32

Security bulletins (32)

Secuity bulletin	Severity	Status	Published
SB2025012103: Authenticated SQL injection in FortiWeb	Low	Patched	21.01.2025
SB2024111418: Information disclosure in FortiWeb	Low	Patched	14.11.2024
SB20240709122: MitM attack in FortiWeb	Medium	Patched	09.07.2024
SB20240611286: Improper authorization in FortiWeb	Medium	Patched	11.06.2024
SB2024051630: Information disclosure in FortiWeb	Low	Patched	16.05.2024
SB2023121849: Log injection in FortiWeb	Medium	Patched	18.12.2023
SB2023091601: Security restrictions bypass in Fortinet FortiWeb	Medium	Patched	16.09.2023
SB2023070504: Denial of service in multiple Fortinet products firmware upgrade function	Low	Patched	05.07.2023
SB2023041322: Stored XSS in FortiWeb	Medium	Patched	13.04.2023
SB2023030947: Arbitrary file read in FortiWeb and FortiRecorder	Low	Patched	09.03.2023
SB2023030945: OS command injection in FortiWeb	Low	Patched	09.03.2023
SB2023021732: OS Command Injection FortiWeb	Medium	Patched	17.02.2023
SB2023021731: Multiple vulnerabilities in FortiWeb	Medium	Patched	17.02.2023
SB2023021704: Padding oracle in cookie encryption in FortiWeb	Low	Patched	17.02.2023
SB2023021678: Improper authorization in FortiWeb	Medium	Patched	16.02.2023
SB2023021679: Path traversal in FortiWeb API controller	Medium	Patched	16.02.2023
SB2023021680: Privilege escalation in FortiWeb	Medium	Patched	16.02.2023
SB2023021681: Stack based buffer overflow in FortiWeb	Low	Patched	16.02.2023
SB2023021682: Path traversal in FortiWeb API	Medium	Patched	16.02.2023
SB2023021683: Path traversal in FortiWeb	Low	Patched	16.02.2023
SB2023021684: Path traversal in FortiWeb API handler	Medium	Patched	16.02.2023
SB2023021685: Privilege escalation in FortiWeb CLI	Low	Patched	16.02.2023
SB2023021686: Session fixation in FortiWeb	Medium	Patched	16.02.2023
SB2023021687: Remote code execution in FortiWeb Proxyd	High	Patched	16.02.2023
SB2023010328: HTTP response splitting in FortiWeb API	Medium	Patched	03.01.2023
SB2023010354: HTTP response splitting in FortiWeb API	Medium	Patched	03.01.2023
SB2022090661: SQL injection in FortiWeb	Low	Patched	06.09.2022
SB2022040428: Denial of service in FortiWeb OpenSSL library	Medium	Patched	04.04.2022
SB2022020172: Multiple vulnerabilities in Fortinet FortiWeb	High	Patched	01.02.2022
SB2021090714: Buffer overflow in FortiWeb	Medium	Patched	07.09.2021
SB2021090713: Remote OS commands execution in FortiWeb	Medium	Patched	07.09.2021
SB2021081913: OS command injection in FortiWeb	Medium	Patched	19.08.2021