Fortinet Fortivoice
20 CVEs affecting Fortinet Fortivoice. Latest disclosed: 2026-04-14. Critical: 1, High: 5.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-32756 | Critical | 9.6 | 2025-05-13 | A stack-based buffer overflow vulnerability [CWE-121] vulnerability in Fortinet FortiCamera 2.1.0 through 2.1.3, FortiCamera 2.0 all versions, FortiCamera 1.1… |
CVE-2023-37931 | High | 8.6 | 2025-01-14 | An improper neutralization of special elements used in an sql command ('sql injection') vulnerability [CWE-88] in FortiVoice Entreprise version 7.0.0 through 7… |
CVE-2025-60024 | High | 7.7 | 2025-12-09 | Multiple Improper Limitations of a Pathname to a Restricted Directory ('Path Traversal') vulnerabilities [CWE-22] vulnerability in Fortinet FortiVoice 7.2.0 th… |
CVE-2025-58692 | High | 7.7 | 2025-11-18 | An improper neutralization of special elements used in an SQL Command ("SQL Injection") vulnerability [CWE-89] vulnerability in Fortinet FortiVoice 7.2.0 throu… |
CVE-2022-27488 | High | 7.5 | 2023-12-13 | A cross-site request forgery (CSRF) in Fortinet FortiVoiceEnterprise version 6.4.x, 6.0.x, FortiSwitch version 7.0.0 through 7.0.4, 6.4.0 through 6.4.10, 6.2.0… |
CVE-2025-47856 | High | 7.2 | 2025-10-14 | Two improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerabilities [CWE-78] in Fortinet FortiVoice version 7.2.0, 7… |
CVE-2025-64156 | Medium | 6.8 | 2025-12-09 | An improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiVoice 7.2.0 through 7.2.2, FortiVoice 7… |
CVE-2023-40720 | Medium | 6.7 | 2024-05-14 | An authorization bypass through user-controlled key vulnerability [CWE-639] in FortiVoiceEntreprise version 7.0.0 through 7.0.1 and before 6.4.8 allows an auth… |
CVE-2024-40587 | Medium | 6.3 | 2025-01-14 | An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiVoice version 7.0.0 throu… |
CVE-2021-36193 | Medium | 6.3 | 2022-02-02 | Multiple stack-based buffer overflows in the command line interpreter of FortiWeb before 6.4.2 may allow an authenticated attacker to achieve arbitrary code ex… |
CVE-2021-42757 | Medium | 6.3 | 2021-12-08 | A buffer overflow [CWE-121] in the TFTP client library of FortiOS before 6.4.7 and FortiOS 7.0.0 through 7.0.2, may allow an authenticated local attacker to ac… |
CVE-2023-37932 | Medium | 6.2 | 2024-01-10 | An improper limitation of a pathname to a restricted directory ('path traversal') vulnerability [CWE-22] in FortiVoiceEntreprise version 7.0.0 and before 6.4.7… |
CVE-2025-58693 | Medium | 5.7 | 2026-01-13 | An improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fortinet FortiVoice 7.2.0 through 7.2.2, FortiVoice 7.0.0 th… |
CVE-2024-23104 | Medium | 5.4 | 2026-04-14 | An exposure of sensitive information to an unauthorized actor vulnerability in Fortinet FortiNDR 7.6.0, FortiNDR 7.4.0 through 7.4.8, FortiNDR 7.2 all versions… |
CVE-2024-48885 | Medium | 5.2 | 2025-01-16 | A improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fortinet FortiRecorder 7.2.0 through 7.2.1, FortiRecorder 7.0… |
CVE-2024-47569 | Medium | 4.2 | 2025-10-14 | A insertion of sensitive information into sent data vulnerability in Fortinet FortiMail 7.4.0 through 7.4.2, FortiMail 7.2.0 through 7.2.6, FortiMail 7.0 all v… |
CVE-2024-40588 | Medium | 4.2 | 2025-08-12 | Multiple relative path traversal vulnerabilities [CWE-23] vulnerability in Fortinet FortiCamera 2.1 all versions, FortiCamera 2.0.0, FortiCamera 1.1 all versio… |
CVE-2022-23439 | Medium | 4.1 | 2025-01-22 | A externally controlled reference to a resource in another sphere vulnerability in Fortinet allows attacker to poison web caches via crafted HTTP requests, wh… |
CVE-2025-55717 | Low | 3.8 | 2026-03-10 | A cleartext storage of sensitive information vulnerability [CWE-312] vulnerability in Fortinet FortiMail 7.6.0 through 7.6.2, FortiMail 7.4.0 through 7.4.4, Fo… |
CVE-2024-50565 | Low | 3.0 | 2025-04-08 | A improper restriction of communication channel to intended endpoints vulnerability [CWE-923] in Fortinet FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7… |