Fortinet Fortiddos-f
9 CVEs affecting Fortinet Fortiddos-f. Latest disclosed: 2026-04-14. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-39815 | High | 7.9 | 2026-04-14 | A improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiDDoS-F 7.2.1 through 7.2.2 may allow atta… |
CVE-2022-40679 | High | 7.1 | 2023-04-11 | An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in FortiADC 5.x all versions, 6.0 all versions, 6.1 all versions, 6… |
CVE-2024-45325 | Medium | 6.5 | 2025-09-09 | An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerabilities [CWE-78] in Fortinet FortiDDoS-F version 7.0.0 th… |
CVE-2021-36193 | Medium | 6.3 | 2022-02-02 | Multiple stack-based buffer overflows in the command line interpreter of FortiWeb before 6.4.2 may allow an authenticated attacker to achieve arbitrary code ex… |
CVE-2021-42757 | Medium | 6.3 | 2021-12-08 | A buffer overflow [CWE-121] in the TFTP client library of FortiOS before 6.4.7 and FortiOS 7.0.0 through 7.0.2, may allow an authenticated local attacker to ac… |
CVE-2023-29177 | Medium | 6.2 | 2023-11-14 | Multiple buffer copy without checking size of input ('classic buffer overflow') vulnerabilities [CWE-120] in FortiADC version 7.2.0 and before 7.1.2 & FortiDDo… |
CVE-2022-27486 | Medium | 5.9 | 2024-08-13 | A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiDDoS version 5.5.0 through 5.5.1, 5.4.2 through 5… |
CVE-2023-25603 | Medium | 5.4 | 2023-11-14 | A permissive cross-domain policy with untrusted domains vulnerability in Fortinet FortiADC 7.1.0 - 7.1.1, FortiDDoS-F 6.3.0 - 6.3.4 and 6.4.0 - 6.4.1 allow an… |
CVE-2022-23439 | Medium | 4.1 | 2025-01-22 | A externally controlled reference to a resource in another sphere vulnerability in Fortinet allows attacker to poison web caches via crafted HTTP requests, wh… |