Known vulnerabilities in Fortinet, Inc FortiWeb 6.4.3

Vendor: Fortinet, Inc
Website: https://www.fortinet.com/
Total Security Bulletins: 17

Security bulletins (17)

Secuity bulletin Severity Status Published
SB2025101507: Insertion of Sensitive Information Into Sent Data in Fortinet products Low
Patched
15.10.2025
SB2025012103: Authenticated SQL injection in FortiWeb Low
Patched
21.01.2025
SB2025011656: Multiple path traversal vulnerabilities in FortiWeb Medium
Patched
16.01.2025
SB2024111418: Information disclosure in FortiWeb Low
Patched
14.11.2024
SB20240709122: MitM attack in FortiWeb Medium
Patched
09.07.2024
SB20240611286: Improper authorization in FortiWeb Medium
Patched
11.06.2024
SB2023091601: Security restrictions bypass in Fortinet FortiWeb Medium
Patched
16.09.2023
SB2023070504: Denial of service in multiple Fortinet products firmware upgrade function Low
Patched
05.07.2023
SB2023021678: Improper authorization in FortiWeb Medium
Patched
16.02.2023
SB2023021679: Path traversal in FortiWeb API controller Medium
Patched
16.02.2023
SB2023021680: Privilege escalation in FortiWeb Medium
Patched
16.02.2023
SB2023021681: Stack based buffer overflow in FortiWeb Low
Patched
16.02.2023
SB2023021682: Path traversal in FortiWeb API Medium
Patched
16.02.2023
SB2023021684: Path traversal in FortiWeb API handler Medium
Patched
16.02.2023
SB2023021685: Privilege escalation in FortiWeb CLI Low
Patched
16.02.2023
SB2023021686: Session fixation in FortiWeb Medium
Patched
16.02.2023
SB2023010354: HTTP response splitting in FortiWeb API Medium
Patched
03.01.2023