How severe is CVE-2023-23779?

CVE-2023-23779 has a CVSS v3 score of 6.8 (MEDIUM).

CVE-2023-23779

Name: fortiweb
Author: fortinet

6.8MEDIUM

Multiple improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerabilities [CWE-78] in FortiWeb version 7.0.1 and below, 6.4 all versions, version 6.3.19 and b

Published: 2/16/2023Updated: 11/21/2024

Description

Multiple improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerabilities [CWE-78] in FortiWeb version 7.0.1 and below, 6.4 all versions, version 6.3.19 and below may allow an authenticated attacker to execute unauthorized code or commands via crafted parameters of HTTP requests.

AI AnalysisPowered by AI

Affected Products

fortinetfortiweb

6.4.0

fortinetfortiweb

6.4.1

fortinetfortiweb

6.4.2

fortinetfortiweb

7.0.0

fortinetfortiweb

7.0.1

References

https://fortiguard.com/psirt/FG-IR-22-133
Product
https://fortiguard.com/psirt/FG-IR-22-133
Product