CVE-2023-33308

A stack-based overflow vulnerability CWE-124 in Fortinet FortiOS version 7.0.0 through 7.0.10 and 7.2.0 through 7.2.3 and FortiProxy version 7.0.0 through 7.0.9 and 7.2.0 through 7.2.2 allows a remote unauthenticated attacker to execute arbitrary code or command via crafted packets reaching proxy...

CVE-2023-33308

CVE-2023-33308 impacts Fortinet FortiOS (versions 7.0.0–7.0.10, 7.2.0–7.2.3) and FortiProxy (7.0.0–7.0.9, 7.2.0–7.2.2). A stack-based overflow (CWE-124) may allow a remote, unauthenticated attacker to execute arbitrary code via crafted packets that reach proxy or firewall policies when SSL deep p...

Vulnerabilities fixed in FortiNet FortiOS and FortiProxy

FortiNet has fixed vulnerabilities in FortiOS and FortiProxy. A malicious party could exploit the vulnerabilities to execute arbitrary execute arbitrary code on the vulnerable system, or under specific circumstances to take over a user's session. The vulnerability with attribute CVE-2023-33308...

CVE-2023-33308

creationtimestamp| type| source ---|---|--- 2023-07-12 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=1063 2023-07-12 19:55:44+00:00| seen| https://t.me/CyberSecurityIL/24879 2023-07-12 20:01:05+00:00| seen| https://t.me/truesecator/4609 2023-07-13 09:11:49+00:00| seen|...

Fortinet Fortigate Proxy mode with deep inspection - Stack-based buffer overflow (FG-IR-23-183)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-23-183 advisory. - A stack-based overflow vulnerability CWE-124 in Fortinet FortiOS version 7.0.0 through 7.0.10 and 7.2.0 through 7.2.3 and...