Every CVE whose affected-product data names Fortinet Fortitester, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (16)
CVE-2022-33872 — CVSS 9.8 (critical): An improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerabilities [CWE-78] in Telnet login…
CVE-2022-33874 — CVSS 9.8 (critical): An improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerabilities [CWE-78] in SSH login…
CVE-2020-12817 — CVSS 8.8 (high): An improper neutralization of input vulnerability in FortiAnalyzer before 6.4.1 and 6.2.5 may allow a remote authenticated attacker to…
CVE-2022-35846 — CVSS 8.1 (high): An improper restriction of excessive authentication attempts vulnerability [CWE-307] in FortiTester Telnet port 2.3.0 through 3.9.1, 4.0.0…
CVE-2022-33870 — CVSS 7.8 (high): An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in the command line interpreter of FortiTester…
CVE-2022-35845 — CVSS 7.8 (high): Multiple improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerabilities [CWE-78] in FortiTester…
CVE-2022-33873 — CVSS 6.8 (medium): An improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerabilities [CWE-78] in Console login…
CVE-2023-36642 — CVSS 6.7 (medium): An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in the management interface of FortiTester…
CVE-2023-40716 — CVSS 6.7 (medium): An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in the command line interpreter of FortiTester…
CVE-2022-35844 — CVSS 6.7 (medium): An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in the management interface of FortiTester…
CVE-2022-38372 — CVSS 6.7 (medium): A hidden functionality vulnerability [CWE-1242] in FortiTester CLI 2.3.0 through 3.9.1, 4.0.0 through 4.2.0, 7.0.0 through 7.1.0 may allow…
CVE-2023-40715 — CVSS 5.5 (medium): A cleartext storage of sensitive information vulnerability [CWE-312] in FortiTester 2.3.0 through 7.2.3 may allow an attacker with access…
CVE-2020-12815 — CVSS 5.4 (medium): An improper neutralization of input vulnerability in FortiTester before 3.9.0 may allow a remote authenticated attacker to inject script…
CVE-2023-40717 — CVSS 5.3 (medium): A use of hard-coded credentials vulnerability [CWE-798] in FortiTester 2.3.0 through 7.2.3 may allow an attacker who managed to get a shell…
CVE-2022-23439 — CVSS 4.7 (medium): A externally controlled reference to a resource in another sphere vulnerability in Fortinet allows attacker to poison web caches via…
CVE-2024-47569 — CVSS 4.3 (medium): A insertion of sensitive information into sent data vulnerability in Fortinet FortiMail 7.4.0 through 7.4.2, FortiMail 7.2.0 through 7.2.6…