Lucene search
China National Vulnerability DatabaseCNVD-2023-18300HistoryFeb 20, 2023 - 12:00 a.m.
Fortinet FortiWeb Buffer Overflow Vulnerability (CNVD-2023-18300)
2023-02-2000:00:00
China National Vulnerability Database
www.cnvd.org.cn
5
fortinet
fortiweb
buffer overflow
vulnerability
http requests
firewall
sql injection
cross-site scripting
0.001 Low
EPSS
Percentile
36.1%
Fortinet FortiWeb is a web application layer firewall from Fortinet that blocks threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning, etc. Fortinet FortiWeb suffers from a buffer overflow vulnerability that can be exploited by an attacker with a specially designed HTTP requests to elevate privileges.
| CPE | Name | Operator | Version |
|---|---|---|---|
| fortinet fortiweb | eq | 6.4 | |
| fortinet fortiweb >=7.0.0, | le | 7.0.1 | |
| fortinet fortiweb >=6.3.6, | le | 6.3.19 |
Related
cvelist
cvelist
CVE-2023-23780
2023-02-16 18:05:49
prion
prion
Stack overflow
2023-02-16 19:15:00
fortinet
fortinet
FortiWeb - Multiple Stack based buffer overflow in web interface
2023-02-16 00:00:00
cve
cve
CVE-2023-23780
2023-02-16 19:15:14
nessus
nessus
nvd
nvd
CVE-2023-23780
2023-02-16 19:15:14