A stack-based buffer overflow in Fortinet FortiWeb 6.4 all versions, FortiWeb versions 6.3.17 and earlier, FortiWeb versions 6.2.6 and earlier, FortiWeb versions 6.1.2 and earlier, FortiWeb versions 6.0.7 and earlier, FortiWeb versions 5.9.1 and earlier, FortiWeb 5.8 all versions, FortiWeb 5.7 all versions, FortiWeb 5.6 all versions allows attacker to execute unauthorized code or commands via specially crafted command arguments.
References
| Link | Resource |
|---|---|
| https://fortiguard.com/psirt/FG-IR-21-234 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
27 Feb 2023, 17:47
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Fortinet fortiweb
Fortinet |
|
| CPE | cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:* | |
| CWE | CWE-787 | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
| References | (MISC) https://fortiguard.com/psirt/FG-IR-21-234 - Vendor Advisory |
16 Feb 2023, 19:39
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-02-16 19:15
Updated : 2023-12-10 14:48
NVD link : CVE-2023-25602
Mitre link : CVE-2023-25602
CVE.ORG link : CVE-2023-25602
JSON object : View
Products Affected
fortinet
- fortiweb