EUVD-2023-40584

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Fortinet FortiProxy and FortiOS vulnerabilities allow unauthorized code execution via crafted commands.

Reporter	Title	Published	Views	Family All 10
BDU FSTEC	The vulnerabilities of the FortiOS command-line interpreter, the FortiSwitchManager local management platform, and the FortiProxy proxy server for protecting against internet attacks allow attackers to execute arbitrary code.	17 May 202400:00	–	bdu_fstec
CNNVD	Fortinet FortiProxy 格式化字符串错误漏洞	14 May 202400:00	–	cnnvd
CNVD	Fortinet FortiProxy Command Execution Vulnerability (CNVD-2024-26504)	15 May 202400:00	–	cnvd
CVE	CVE-2023-36640	14 May 202416:19	–	cve
Cvelist	CVE-2023-36640	14 May 202416:19	–	cvelist
Tenable Nessus	Fortinet Fortigate Format String Bug in cli command (FG-IR-23-137)	22 May 202400:00	–	nessus
NVD	CVE-2023-36640	14 May 202417:15	–	nvd
Positive Technologies	PT-2024-3554 · Fortinet · Fortiproxy +2	14 May 202400:00	–	ptsecurity
RedhatCVE	CVE-2023-36640	23 May 202504:01	–	redhatcve
Vulnrichment	CVE-2023-36640	14 May 202416:19	–	vulnrichment

[
  {
    "enisaIdVendor": [
      {
        "id": "923e1d69-2a23-3e4b-a731-e4ffad9fa67c",
        "vendor": {
          "name": "Fortinet"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "1ede1a3a-adeb-33d9-a842-0c017be892c3",
        "product": {
          "name": "FortiPAM"
        },
        "product_version": "1.0.0 ≤1.0.3"
      },
      {
        "id": "283c8e51-134c-30b6-a5f8-5fcd9f9ca6cd",
        "product": {
          "name": "FortiOS"
        },
        "product_version": "7.2.0"
      },
      {
        "id": "44f018a3-7eb8-303d-a406-48b16d1a4c55",
        "product": {
          "name": "FortiProxy"
        },
        "product_version": "7.2.0 ≤7.2.4"
      },
      {
        "id": "5301f3c0-725f-3cf5-ae7d-e064da4c4262",
        "product": {
          "name": "FortiProxy"
        },
        "product_version": "1.1.0 ≤1.1.6"
      },
      {
        "id": "68dfd396-36f1-3ba9-b12a-0d12129037de",
        "product": {
          "name": "FortiOS"
        },
        "product_version": "6.4.0 ≤6.4.14"
      },
      {
        "id": "805c3301-0a3a-3283-9e5d-7ec5496283d2",
        "product": {
          "name": "FortiProxy"
        },
        "product_version": "7.0.0 ≤7.0.10"
      },
      {
        "id": "909a6354-1ec1-397b-a790-3ab1c53fcdec",
        "product": {
          "name": "FortiProxy"
        },
        "product_version": "2.0.0 ≤2.0.14"
      },
      {
        "id": "9ca672eb-9de1-381e-859e-c285e5762722",
        "product": {
          "name": "FortiOS"
        },
        "product_version": "7.0.0 ≤7.0.12"
      },
      {
        "id": "bb4f4bfe-c25a-35f6-8500-7c69a89dc817",
        "product": {
          "name": "FortiProxy"
        },
        "product_version": "1.0.0 ≤1.0.7"
      },
      {
        "id": "bed88fee-1e13-3520-a1b4-13a3153f9da8",
        "product": {
          "name": "FortiOS"
        },
        "product_version": "6.2.0 ≤6.2.16"
      },
      {
        "id": "e9a0297b-0713-38cb-9d31-fdfb5fa097d2",
        "product": {
          "name": "FortiOS"
        },
        "product_version": "6.0.0 ≤6.0.16"
      },
      {
        "id": "ee8832a8-3454-3965-9c9d-446fac60dda7",
        "product": {
          "name": "FortiProxy"
        },
        "product_version": "1.2.0 ≤1.2.13"
      }
    ]
  }
]

Source	Link
fortiguard	www.fortiguard.com/psirt/FG-IR-23-137

03 Oct 2025 20:07Current

6.6Medium risk

Vulners AI Score6.6

CVSS 3.16.7

EPSS0.00087

SSVC