Fortinet FortiSwitch
10 CVEs affecting Fortinet FortiSwitch. Latest disclosed: 2025-04-08. Critical: 4, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2016-4573 | Critical | 9.8 | 2016-09-09 | Fortinet FortiSwitch FSW-108D-POE, FSW-124D, FSW-124D-POE, FSW-224D-POE, FSW-224D-FPOE, FSW-248D-POE, FSW-248D-FPOE, FSW-424D, FSW-424D-POE, FSW-424D-FPOE, FSW… |
| CVE-2016-6909 | Critical | 9.8 | 2016-08-24 | Buffer overflow in the Cookie parser in Fortinet FortiOS 4.x before 4.1.11, 4.2.x before 4.2.13, and 4.3.x before 4.3.9 and FortiSwitch before 3.4.3 allows rem… |
| CVE-2023-37936 | Critical | 9.6 | 2025-01-14 | A use of hard-coded cryptographic key in Fortinet FortiSwitch version 7.4.0 and 7.2.0 through 7.2.5 and 7.0.0 through 7.0.7 and 6.4.0 through 6.4.13 and 6.2.0… |
| CVE-2024-48887 | Critical | 9.3 | 2025-04-08 | An unverified password change vulnerability in Fortinet FortiSwitch GUI may allow a remote unauthenticated attacker to change admin passwords via a specially c… |
| CVE-2023-37937 | High | 7.6 | 2025-01-14 | An improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSwitch version 7.4.0 and 7.2.0 through 7.2.5 and… |
| CVE-2022-27488 | High | 7.5 | 2023-12-13 | A cross-site request forgery (CSRF) in Fortinet FortiVoiceEnterprise version 6.4.x, 6.0.x, FortiSwitch version 7.0.0 through 7.0.4, 6.4.0 through 6.4.10, 6.2.0… |
| CVE-2021-42757 | Medium | 6.3 | 2021-12-08 | A buffer overflow [CWE-121] in the TFTP client library of FortiOS before 6.4.7 and FortiOS 7.0.0 through 7.0.2, may allow an authenticated local attacker to ac… |
| CVE-2022-27490 | Medium | 5.1 | 2023-03-07 | An exposure of sensitive information to an unauthorized actor in Fortinet FortiManager version 6.0.0 through 6.0.4, FortiAnalyzer version 6.0.0 through 6.0.4, F… |
| CVE-2022-23439 | Medium | 4.1 | 2025-01-22 | An externally controlled reference to a resource in another sphere vulnerability in Fortinet allows attacker to poison web caches via crafted HTTP requests, wh… |
| CVE-2021-43074 | Medium | 4.1 | 2023-02-16 | An improper verification of cryptographic signature vulnerability [CWE-347] in FortiWeb 6.4 all versions, 6.3.16 and below, 6.2 all versions, 6.1 all versions… |