4 matches found
Fortinet Fortigate Format String Bug in HTTPSd (FG-IR-23-138)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-23-138 advisory. - A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.4, 7.0.0 through 7.0.10,...
Vulnerabilities fixed in Fortinet FortiOS
Fortinet has fixed vulnerabilities in FortiOS, as used in FortiProxy and FortiPAM. An unauthenticated malicious person could exploit the vulnerability with reference CVE-2023-47536 to exploit a security measure to bypass and route traffic through the system that should not be allowed should be...
CVE-2023-36639
CVE-2023-36639 describes a vulnerability where an externally-controlled format string could allow remote code execution in Fortinet FortiProxy, FortiOS, and FortiPAM. Affected are FortiProxy 7.2.0–7.2.4, 7.0.0–7.0.10; FortiOS 7.4.0, 7.2.0–7.2.4, 7.0.0–7.0.11, 6.4.0–6.4.12, 6.2.0–6.2.15, 6.0.0–6.0...
CVE-2023-36639
A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.4, 7.0.0 through 7.0.10, FortiOS versions 7.4.0, 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.12, 6.2.0 through 6.2.15, 6.0.0 through 6.0.17, FortiPAM versions 1.0.0 through 1.0.3 allows...