Vulnerabilities (CVE)

Filtered by vendor Fortinet Subscribe
Filtered by product Fortigate
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2005-3058 1 Fortinet 2 Fortigate, Fortios 2024-11-21 7.5 HIGH N/A
Interpretation conflict in Fortinet FortiGate 2.8, running FortiOS 2.8MR10 and v3beta, allows remote attackers to bypass the URL blocker via an (1) HTTP request terminated with a line feed (LF) and not carriage return line feed (CRLF) or (2) HTTP request with no Host field, which is still processed by most web servers without violating RFC2616.
CVE-2005-3057 1 Fortinet 2 Fortigate, Fortios 2024-11-21 10.0 HIGH N/A
The FTP component in FortiGate 2.8 running FortiOS 2.8MR10 and v3beta, and other versions before 3.0 MR1, allows remote attackers to bypass the Fortinet FTP anti-virus engine by sending a STOR command and uploading a file before the FTP server response has been sent, as demonstrated using LFTP.