How severe is CVE-2022-33871?

CVE-2022-33871 has a CVSS v3 score of 6.6 (MEDIUM).

CVE-2022-33871

Name: fortiweb
Author: fortinet

6.6MEDIUM

A stack-based buffer overflow vulnerability [CWE-121] in FortiWeb version 7.0.1 and earlier, 6.4 all versions, version 6.3.19 and earlier may allow a privileged attacker to execute arbitrary code or c

发布于: 2/16/2023更新于: 11/21/2024

描述

A stack-based buffer overflow vulnerability [CWE-121] in FortiWeb version 7.0.1 and earlier, 6.4 all versions, version 6.3.19 and earlier may allow a privileged attacker to execute arbitrary code or commands via specifically crafted CLI `execute backup-local rename` and `execute backup-local show` operations.

AI分析AI驱动

受影响产品

fortinetfortiweb

6.4.0

fortinetfortiweb

6.4.1

fortinetfortiweb

6.4.2

fortinetfortiweb

7.0.0

fortinetfortiweb

7.0.1

参考资料

https://fortiguard.com/psirt/FG-IR-22-164
PatchVendor Advisory
https://fortiguard.com/psirt/FG-IR-22-164
PatchVendor Advisory