CVE-2023-36640
6.7MEDIUMA use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.4, 7.0.0 through 7.0.10, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1
게시됨: 5/14/2024업데이트됨: 11/21/2024
설명
A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.4, 7.0.0 through 7.0.10, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, FortiPAM versions 1.0.0 through 1.0.3, FortiOS versions 7.2.0, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.16 allows attacker to execute unauthorized code or commands via specially crafted commands
AI 분석AI 기반
영향받는 제품
fortinetfortiproxy
fortinetfortiproxy
fortinetfortiproxy
fortinetfortiproxy
fortinetfortiproxy
fortinetfortiproxy
fortinetfortipam
fortinetfortios
fortinetfortios
fortinetfortios
fortinetfortios
fortinetfortios
7.2.0
참조
- https://fortiguard.com/psirt/FG-IR-23-137Vendor Advisory
- https://fortiguard.com/psirt/FG-IR-23-137Vendor Advisory