Skip to main content

Fortivoice

16 CVEs product

Monthly

CVE-2025-55717 MEDIUM This Month

A cleartext storage of sensitive information vulnerability [CWE-312] vulnerability in Fortinet FortiMail 7.6.0 through 7.6.2, FortiMail 7.4.0 through 7.4.4, FortiMail 7.2.0 through 7.2.7, FortiMail 7.0.0 through 7.0.8, FortiRecorder 7.2.0 through 7.2.3, FortiRecorder 7.0 all versions, FortiRecorder 6.4 all versions, FortiVoice 7.2.0, FortiVoice 7.0.0 through 7.0.6 may allow an authenticated malicious administrator to obtain user's secrets via CLI commands. Practical exploitability is limited ...

Fortinet Fortivoice Fortimail Fortirecorder
NVD VulDB
CVSS 3.1
4.0
EPSS
0.0%
CVE-2025-58693 MEDIUM This Month

An improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fortinet FortiVoice 7.2.0 through 7.2.2, FortiVoice 7.0.0 through 7.0.7 allows a privileged attacker to delete files from the underlying filesystem via crafted HTTP or HTTPs requests. [CVSS 6.5 MEDIUM]

Fortinet Path Traversal Fortivoice
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2025-58692 HIGH This Month

An improper neutralization of special elements used in an SQL Command ("SQL Injection") vulnerability [CWE-89] vulnerability in Fortinet FortiVoice 7.2.0 through 7.2.2, FortiVoice 7.0.0 through 7.0.7. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Fortinet Fortivoice
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2024-40588 MEDIUM Monitor

Multiple relative path traversal vulnerabilities [CWE-23] vulnerability in Fortinet FortiCamera 2.1 all versions, FortiCamera 2.0.0, FortiCamera 1.1 all versions, FortiCamera 1.0 all versions,. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Fortinet Path Traversal Forticamera Firmware Fortimail Fortindr +2
NVD
CVSS 3.1
4.4
EPSS
0.0%
CVE-2025-32756 CRITICAL KEV THREAT CERT-EU Act Now

Fortinet FortiCamera, FortiMail, FortiNDR, FortiRecorder, and FortiVoice contain a stack-based buffer overflow enabling unauthenticated remote code execution across multiple Fortinet products.

Buffer Overflow RCE Stack Overflow Fortinet Fortimail +4
NVD
CVSS 3.1
9.8
EPSS
41.6%
CVE-2024-50565 LOW Monitor

A improper restriction of communication channel to intended endpoints vulnerability [CWE-923] in Fortinet FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0.0 through 7.0.14, 6.4.0 through. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Fortinet Fortiweb Fortivoice Fortiproxy +3
NVD
CVSS 3.1
3.1
EPSS
0.1%
CVE-2024-26013 HIGH This Week

A improper restriction of communication channel to intended endpoints vulnerability [CWE-923] in Fortinet FortiOS version 7.4.0 through 7.4.4, 7.2.0 through 7.2.8, 7.0.0 through 7.0.15, 6.4.0 through. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Fortinet Fortianalyzer Fortimanager Fortios +3
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2021-24008 MEDIUM This Month

An exposure of sensitive system information to an unauthorized control sphere vulnerability [CWE-497] in FortiDDoS version 5.4.0, version 5.3.2 and below, version 5.2.0, version 5.1.0, version 5.0.0,. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Fortimail Fortiddos Fortivoice Fortirecorder +1
NVD
CVSS 3.1
5.3
EPSS
0.2%
CVE-2022-23439 MEDIUM This Month

A externally controlled reference to a resource in another sphere vulnerability in Fortinet allows attacker to poison web caches via crafted HTTP requests, where the `Host` header points to an. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Fortinet Fortiadc Fortiauthenticator Fortiddos +11
NVD
CVSS 3.1
4.7
EPSS
0.2%
CVE-2024-48885 CRITICAL Act Now

Privilege escalation via path traversal affects multiple Fortinet appliances - FortiWeb (6.4, 7.0, 7.2, 7.4.0-7.4.4, 7.6.0), FortiVoice (6.0, 6.4.0-6.4.9, 7.0.0-7.0.4), and FortiRecorder (7.0.0-7.0.4, 7.2.0-7.2.1) - where an attacker sends specially crafted packets that break out of a restricted directory to gain elevated privileges. Fortinet PSIRT scores this CVSS 9.1 with no confidentiality impact but high integrity and availability impact, reflecting a management-plane compromise rather than data theft. There is no public exploit identified at time of analysis and EPSS is modest (0.39%, 60th percentile), so exploitation is not yet observed at scale.

Fortinet Path Traversal Fortirecorder Fortivoice Fortiweb
NVD
CVSS 3.1
9.1
EPSS
0.4%
CVE-2024-48884 CRITICAL Emergency

Arbitrary file write and folder deletion in Fortinet FortiManager, FortiOS, and FortiProxy is possible via a path traversal flaw in the security fabric interface, where a remote authenticated attacker can write arbitrary files and, more severely, a remote unauthenticated attacker can delete arbitrary folders. The flaw carries a CVSS 9.1 (I:H/A:H) and an unusually high EPSS of 39.29% (97th percentile), signaling elevated near-term exploitation likelihood, though no public exploit is identified and it is not yet in CISA KEV. Affected products span multiple FortiOS 6.4-7.6, FortiManager 7.4-7.6, FortiProxy 1.0-7.4, and FortiManager Cloud branches.

Fortinet Path Traversal Fortimanager Fortimanager Cloud Fortiproxy +4
NVD
CVSS 3.1
9.1
EPSS
39.3%
CVE-2024-40587 MEDIUM This Month

An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiVoice version 7.0.0 through 7.0.4 and before 6.4.9 allows an. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Fortinet Fortivoice
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-37931 HIGH This Week

An improper neutralization of special elements used in an sql command ('sql injection') vulnerability [CWE-88] in FortiVoice Entreprise version 7.0.0 through 7.0.1 and before 6.4.8 allows an. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Fortivoice
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2023-37932 MEDIUM This Month

An improper limitation of a pathname to a restricted directory ('path traversal') vulnerability [CWE-22] in FortiVoiceEntreprise version 7.0.0 and before 6.4.7 allows an authenticated attacker to. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Fortivoice
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2021-42757 MEDIUM This Month

A buffer overflow [CWE-121] in the TFTP client library of FortiOS before 6.4.7 and FortiOS 7.0.0 through 7.0.2, may allow an authenticated local attacker to achieve arbitrary code execution via. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Fortinet Fortiadc Fortianalyzer +11
NVD
CVSS 3.1
6.7
EPSS
0.5%
CVE-2020-9294 CRITICAL POC THREAT Act Now

An improper authentication vulnerability in FortiMail 5.4.10, 6.0.7, 6.2.2 and earlier and FortiVoiceEntreprise 6.0.0 and 6.0.1 may allow a remote unauthenticated attacker to access the system as a. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Fortimail Fortivoice
NVD GitHub
CVSS 3.1
9.8
EPSS
77.8%
EPSS 0% CVSS 4.0
MEDIUM This Month

A cleartext storage of sensitive information vulnerability [CWE-312] vulnerability in Fortinet FortiMail 7.6.0 through 7.6.2, FortiMail 7.4.0 through 7.4.4, FortiMail 7.2.0 through 7.2.7, FortiMail 7.0.0 through 7.0.8, FortiRecorder 7.2.0 through 7.2.3, FortiRecorder 7.0 all versions, FortiRecorder 6.4 all versions, FortiVoice 7.2.0, FortiVoice 7.0.0 through 7.0.6 may allow an authenticated malicious administrator to obtain user's secrets via CLI commands. Practical exploitability is limited ...

Fortinet Fortivoice Fortimail +1
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM This Month

An improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fortinet FortiVoice 7.2.0 through 7.2.2, FortiVoice 7.0.0 through 7.0.7 allows a privileged attacker to delete files from the underlying filesystem via crafted HTTP or HTTPs requests. [CVSS 6.5 MEDIUM]

Fortinet Path Traversal Fortivoice
NVD
EPSS 0% CVSS 8.8
HIGH This Month

An improper neutralization of special elements used in an SQL Command ("SQL Injection") vulnerability [CWE-89] vulnerability in Fortinet FortiVoice 7.2.0 through 7.2.2, FortiVoice 7.0.0 through 7.0.7. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Fortinet Fortivoice
NVD
EPSS 0% CVSS 4.4
MEDIUM Monitor

Multiple relative path traversal vulnerabilities [CWE-23] vulnerability in Fortinet FortiCamera 2.1 all versions, FortiCamera 2.0.0, FortiCamera 1.1 all versions, FortiCamera 1.0 all versions,. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Fortinet Path Traversal Forticamera Firmware +4
NVD
EPSS 42% CVSS 9.8
CRITICAL KEV THREAT Act Now

Fortinet FortiCamera, FortiMail, FortiNDR, FortiRecorder, and FortiVoice contain a stack-based buffer overflow enabling unauthenticated remote code execution across multiple Fortinet products.

Buffer Overflow RCE Stack Overflow +6
NVD
EPSS 0% CVSS 3.1
LOW Monitor

A improper restriction of communication channel to intended endpoints vulnerability [CWE-923] in Fortinet FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0.0 through 7.0.14, 6.4.0 through. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Fortinet Fortiweb +5
NVD
EPSS 0% CVSS 7.5
HIGH This Week

A improper restriction of communication channel to intended endpoints vulnerability [CWE-923] in Fortinet FortiOS version 7.4.0 through 7.4.4, 7.2.0 through 7.2.8, 7.0.0 through 7.0.15, 6.4.0 through. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Fortinet Fortianalyzer +5
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

An exposure of sensitive system information to an unauthorized control sphere vulnerability [CWE-497] in FortiDDoS version 5.4.0, version 5.3.2 and below, version 5.2.0, version 5.1.0, version 5.0.0,. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Fortimail Fortiddos +3
NVD
EPSS 0% CVSS 4.7
MEDIUM This Month

A externally controlled reference to a resource in another sphere vulnerability in Fortinet allows attacker to poison web caches via crafted HTTP requests, where the `Host` header points to an. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Fortinet Fortiadc +13
NVD
EPSS 0% CVSS 9.1
CRITICAL Act Now

Privilege escalation via path traversal affects multiple Fortinet appliances - FortiWeb (6.4, 7.0, 7.2, 7.4.0-7.4.4, 7.6.0), FortiVoice (6.0, 6.4.0-6.4.9, 7.0.0-7.0.4), and FortiRecorder (7.0.0-7.0.4, 7.2.0-7.2.1) - where an attacker sends specially crafted packets that break out of a restricted directory to gain elevated privileges. Fortinet PSIRT scores this CVSS 9.1 with no confidentiality impact but high integrity and availability impact, reflecting a management-plane compromise rather than data theft. There is no public exploit identified at time of analysis and EPSS is modest (0.39%, 60th percentile), so exploitation is not yet observed at scale.

Fortinet Path Traversal Fortirecorder +2
NVD
EPSS 39% CVSS 9.1
CRITICAL Emergency

Arbitrary file write and folder deletion in Fortinet FortiManager, FortiOS, and FortiProxy is possible via a path traversal flaw in the security fabric interface, where a remote authenticated attacker can write arbitrary files and, more severely, a remote unauthenticated attacker can delete arbitrary folders. The flaw carries a CVSS 9.1 (I:H/A:H) and an unusually high EPSS of 39.29% (97th percentile), signaling elevated near-term exploitation likelihood, though no public exploit is identified and it is not yet in CISA KEV. Affected products span multiple FortiOS 6.4-7.6, FortiManager 7.4-7.6, FortiProxy 1.0-7.4, and FortiManager Cloud branches.

Fortinet Path Traversal Fortimanager +6
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiVoice version 7.0.0 through 7.0.4 and before 6.4.9 allows an. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Fortinet Fortivoice
NVD
EPSS 1% CVSS 8.8
HIGH This Week

An improper neutralization of special elements used in an sql command ('sql injection') vulnerability [CWE-88] in FortiVoice Entreprise version 7.0.0 through 7.0.1 and before 6.4.8 allows an. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Fortivoice
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

An improper limitation of a pathname to a restricted directory ('path traversal') vulnerability [CWE-22] in FortiVoiceEntreprise version 7.0.0 and before 6.4.7 allows an authenticated attacker to. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Fortivoice
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

A buffer overflow [CWE-121] in the TFTP client library of FortiOS before 6.4.7 and FortiOS 7.0.0 through 7.0.2, may allow an authenticated local attacker to achieve arbitrary code execution via. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Fortinet +13
NVD
EPSS 78% CVSS 9.8
CRITICAL POC THREAT Act Now

An improper authentication vulnerability in FortiMail 5.4.10, 6.0.7, 6.2.2 and earlier and FortiVoiceEntreprise 6.0.0 and 6.0.1 may allow a remote unauthenticated attacker to access the system as a. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Fortimail Fortivoice
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy