COOEY // HUBcompliance · community · intelligence

FAIL › dossier

FortiOS and FortiProxy product

4
failure events
0
zero-days
2
RCEs
4
on KEV
4
critical
88
worst shame

Dossier not yet built — the RAG curator builds one for players with ≥2 failure events (factory/dossier.py). The failure history and sentiment below are live.

Failure history 4 events

DateEventSevFlagsShameSummary
2025-01-14 CVE-2024-55591 critical ⚡RCE ⌖KEV 88 An unauthenticated remote attacker can bypass authentication to gain super-admin privileges on Fortinet FortiOS and FortiProxy via a Node.js websocket module flaw.
2025-03-18 CVE-2025-24472 critical ⚡RCE ⌖KEV 85 A remote attacker can bypass authentication to gain super-admin privileges on Fortinet FortiOS and FortiProxy via crafted CSF proxy requests.
2022-01-10 CVE-2018-13382 critical ⌖KEV 80 An Improper Authorization vulnerability in Fortinet FortiOS and FortiProxy under SSL VPN web portal allows an unauthenticated attacker to modify the password.
2022-01-10 CVE-2018-13383 critical ⌖KEV 80 A heap buffer overflow in Fortinet FortiOS and FortiProxy may cause the SSL VPN web service termination for logged in users.