Nessus 的 Firewalls 系列

ID名称严重性
152514Fortinet FortiOS <= 6.4.6 / 7.0.0 缓冲区下界之下写入 (FG-IR-21-046)
high
150156Fortinet FortiGate <= 5.6.13 / 6.0.x < 6.0.13 / 6.2.x < 6.2.8 / 6.4.x < 6.4.5 XSS (FG-IR-20-199)
medium
148336Trend Micro InterScan Web Security Virtual Appliance (IWSVA) DecryptPasswd 基于堆栈的缓冲区溢出
critical
148111Squid 2.x < 4.14 / 5.x < 5.0.5(SQUID-2020: 11)
high
147661Fortinet FortiOS <= 6.2.5 / 6.4 <= 6.4.2 流量绕过 (FG-IR-20-172)
high
146433pfSense < 2.4.5 多个漏洞
critical
146430pfSense < 2.4.4-p3 多个漏洞
high
146206pfSense 2.4.x < 2.4.5-p1 多个漏洞
high
146059pfSense 2.4.x < 2.4.4-p1 多个漏洞 (SA-18_09)
high
144948Fortinet FortiOS < 6.0.11 / 6.2 < 6.2.5 / 6.4 < 6.4.2 信息泄露 (FG-IR-20-103)
medium
144585Trend Micro IWSVA 6.5 < 6.5 Build 1919 多个漏洞
critical
143482Fortinet FortiGate 6.2.2 < 6.2.6 / 6.4.x < 6.4.2 XSS (FG-IR-20-068)
medium
141122Fortinet FortiOS < 6.0.10 / 6.2.x < 6.2.4 / 6.4.x < 6.4.1 不当验证 (FG-IR-19-283)
critical
141121Fortinet FortiOS < 5.6.13 / 6.0 < 6.0.11 缓冲区溢出 (FG-IR-20-083)
critical
139923Squid 2.x < 4.13 / 5.x < 5.0.4(SQUID-2020: 8 和 SQUID-2020: 10)
medium
139912Squid 2.x < 4.12 / 5.x < 5.0.3(SQUID-2020: 5、SQUID-2020: 6 和 SQUID-2020: 7)
high
139547对证书撤销的错误检查 (FG-IR-19-144)
high
139546对证书撤销的错误检查 (FG-IR-19-144)
high
139031Trend Micro InterScan Web Security Virtual Appliance 检测
info
139030Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 多个漏洞 (000253095)
critical
134891Check Point Gaia 操作系统管理员密码截断 (sk156192)
high
134890Check Point 本地权限提升
high
134563Check Point 安全网关拒绝服务 (sk161812)
high
134228Fortinet FortiOS 5.x >= 5.4.0 / 6.x < 6.0.9 / 6.2.x < 6.2.2 URL 重定向漏洞 (FG-IR-19-179)
medium
133358Fortinet FortiOS < 6.2.3 多个漏洞 (FG-IR-19-217)
high
132317Fortinet FortiOS < 5.6.10 / 6.0 < 6.0.7 / 6.2.x < 6.2.1 加密漏洞 (FG-IR-19-007)
medium
131320Fortinet FortiOS < 6.0.7 或 6.2.2 SSL VPN Web 门户输入验证不当 (FG-IR-19-236)
medium
131283Fortinet FortiOS < 6.0.7 信息泄露 MitM (FG-IR-18-100)
medium
131185Fortinet FortiOS < 5.6.11 / 6.0.0 < 6.0.7 / 6.2.0 < 6.2.2 信息泄露 (FG-IR-19-134)
medium
130209FortiOS DRBG 熵不足 (FG-IR-19-186)
high
129782Fortinet FortiGate 5.2.0 < 5.6.11 / 6.0.x < 6.0.5 XSS (FG-IR-19-034)
medium
128552Fortinet FortiOS SSL VPN 目录遍历漏洞 (FG-IR-18-384)(直接检查)
critical
128329Symantec ProxySG 6.5 < 6.5.10.15 / 6.6 < 6.7.4.2 XSS 和信息泄露漏洞 (SA1472)
medium
128303Symantec ProxySG 6.5 / 6.6 / 6.7 < 6.7.4.141 OpenSSL 拒绝服务漏洞 (SA1462)
high
128283Check Point Gaia 操作系统使用默认密码打开接口 (sk145612)
critical
128278Fortinet FortiOS 5.6.0 < 5.6.8 / 6.0.x < 6.0.5 SSL VPN 上多个 pre-auth XSS 漏洞 (FG-IR-18-383)
medium
128149Check Point Gaia 操作系统管理员密码截断 (sk155172)
critical
127134Fortinet FortiGate < 6.2.1 信息泄露 (FG-IR-19-037)
medium
127107SonicWall SonicOS 防火墙多个管理漏洞 (URGENT/11)
critical
125889Fortinet FortiOS < 6.0.5 SSL VPN web 门户主机标头重定向 (FG-IR-19-002)
medium
125888Fortinet FortiOS 5.4.1 < 5.4.11 / 5.6.x < 5.6.9 / 6.0.x < 6.0.5 SSL VPN 安全绕过 (FG-IR-18-389)
high
125887Fortinet FortiOS < 6.0.5 SSL VPN 堆缓冲区溢出 (FG-IR-18-388)
medium
125886Fortinet FortiOS <= 5.4, 5.6.x < 5.6.8, 6.0.x < 6.0.5 SSL VPN 缓冲区溢出 (FG-IR-18-387)
high
125885Fortinet FortiOS 5.6.3 < 5.6.8 / 6.0.x < 6.0.5 SSL VPN 目录遍历漏洞 (FG-IR-18-384)
critical
124328Fortinet FortiManager 未加密密码漏洞 (FG-IR-18-051)
high
124324Fortinet FortiGate < 6.2.0 管理权限提升 (FG-IR-17-053)
high
124280Fortinet FortiGate < 5.4.11 / 5.6.x < 5.6.8 / 6.x < 6.0.3 LDAP 认证泄露 (FG-IR-18-157)
high
122855Fortinet FortiOS 5.6.0 远程代码执行 (FG-IR-18-018)
critical
121474pfSense 不支持版本检测
critical
121356Fortinet FortiGate < 5.6.8 / 6.x < 6.0.3 LDAP 凭据泄露 (FG-IR-18-157)
high