Nessus 的 Firewalls 系列

ID名称严重性
162313Fortinet FortiOS < 6.4 MitM (FG-IR-18-292)
medium
161892Fortinet FortiOS < 6.0.14 / 6.2 < 6.2.10 / 6.4 < 6.4.8 / 7.0 < 7.0.3 任意文件下载漏洞 (FG-IR-21-201)
high
161660Fortinet FortiOS 证书验证漏洞 (FG-IR-21-239)
medium
161659Fortinet FortiOS 访问控制漏洞 (FG-IR-21-147)
medium
161606Fortinet FortiOS Sensitive Information Disclosure (FG-IR-21-231)
medium
159541Sophos XG Firewall <= 18.5.3 RCE
critical
158390Fortinet FortiOS 7.0.x < 7.0.2 Path Traversal (FG-IR-21-181)
high
156783Fortinet FortiOS 权限升级 (FG-IR-20-131)
high
156754Fortinet FortiOS CSRF (FG-IR-20-158)
high
156752Fortinet FortiOS 整数溢出 (FG-IR-21-049)
critical
156569Fortinet FortiOS 缓冲区溢出 (FG-IR-21-173)
medium
156550Fortinet FortiOS 基于堆的缓冲区溢出 (FG-IR-21-115)
high
152514Fortinet FortiOS <= 6.2.9 / 6.4.x <= 6.4.6 / 7.0.0 缓冲区下界之下写入漏洞 (FG-IR-21-046)
high
150981SonicWall SonicOS 缓冲区溢出 (SNWLID-2021-0006)
high
150156Fortinet FortiGate <= 5.6.13 / 6.0.x < 6.0.13 / 6.2.x < 6.2.8 / 6.4.x < 6.4.5 XSS (FG-IR-20-199)
medium
148336Trend Micro InterScan Web Security Virtual Appliance (IWSVA) DecryptPasswd 基于堆栈的缓冲区溢出
critical
148111Squid 2.x < 4.14 / 5.x < 5.0.5(SQUID-2020: 11)
high
147661Fortinet FortiOS <= 6.2.5 / 6.4 <= 6.4.2 流量绕过 (FG-IR-20-172)
high
146433pfSense < 2.4.5 多个漏洞
critical
146430pfSense < 2.4.4-p3 多个漏洞
high
146206pfSense 2.4.x < 2.4.5-p1 多个漏洞
high
146059pfSense 2.4.x < 2.4.4-p1 多个漏洞 (SA-18_09)
high
144948Fortinet FortiOS < 6.0.11 / 6.2 < 6.2.5 / 6.4 < 6.4.2 信息泄露 (FG-IR-20-103)
medium
144585Trend Micro IWSVA 6.5 < 6.5 Build 1919 多个漏洞
critical
143482Fortinet FortiGate 6.2.2 < 6.2.6 / 6.4.x < 6.4.2 XSS (FG-IR-20-068)
medium
141122Fortinet FortiOS < 6.0.10 / 6.2.x < 6.2.4 / 6.4.x < 6.4.1 不当验证 (FG-IR-19-283)
critical
141121Fortinet FortiOS < 5.6.13 / 6.0 < 6.0.11 缓冲区溢出 (FG-IR-20-083)
critical
139923Squid 2.x < 4.13 / 5.x < 5.0.4(SQUID-2020: 8 和 SQUID-2020: 10)
medium
139912Squid 2.x < 4.12 / 5.x < 5.0.3(SQUID-2020: 5、SQUID-2020: 6 和 SQUID-2020: 7)
high
139547对证书撤销的错误检查 (FG-IR-19-144)
high
139546对证书撤销的错误检查 (FG-IR-19-144)
high
139031Trend Micro InterScan Web Security Virtual Appliance 检测
info
139030Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 多个漏洞 (000253095)
critical
134891Check Point Gaia 操作系统管理员密码截断 (sk156192)
high
134890Check Point 本地权限提升
high
134563Check Point 安全网关拒绝服务 (sk161812)
high
134228Fortinet FortiOS 5.x >= 5.4.0 / 6.x < 6.0.9 / 6.2.x < 6.2.2 URL 重定向漏洞 (FG-IR-19-179)
medium
133358Fortinet FortiOS < 6.2.3 多个漏洞 (FG-IR-19-217)
high
132317Fortinet FortiOS < 5.6.10 / 6.0 < 6.0.7 / 6.2.x < 6.2.1 加密漏洞 (FG-IR-19-007)
medium
131320Fortinet FortiOS < 6.0.7 或 6.2.2 SSL VPN Web 门户输入验证不当 (FG-IR-19-236)
medium
131283Fortinet FortiOS < 6.0.7 信息泄露 MitM (FG-IR-18-100)
medium
131185Fortinet FortiOS < 5.6.11 / 6.0.0 < 6.0.7 / 6.2.0 < 6.2.2 信息泄露 (FG-IR-19-134)
medium
130209FortiOS DRBG 熵不足 (FG-IR-19-186)
high
129782Fortinet FortiGate 5.2.0 < 5.6.11 / 6.0.x < 6.0.5 XSS (FG-IR-19-034)
medium
128552Fortinet FortiOS SSL VPN 目录遍历漏洞 (FG-IR-18-384)(直接检查)
critical
128329Symantec ProxySG 6.5 < 6.5.10.15 / 6.6 < 6.7.4.2 XSS 和信息泄露漏洞 (SA1472)
medium
128303Symantec ProxySG 6.5 / 6.6 / 6.7 < 6.7.4.141 OpenSSL 拒绝服务漏洞 (SA1462)
high
128283Check Point Gaia 操作系统使用默认密码打开接口 (sk145612)
critical
128278Fortinet FortiOS 5.6.0 < 5.6.8 / 6.0.x < 6.0.5 SSL VPN 上多个 pre-auth XSS 漏洞 (FG-IR-18-383)
medium
128149Check Point Gaia 操作系统管理员密码截断 (sk155172)
critical