CVE-2023-6764

CVE-2023-6764 is a format-string vulnerability in Zyxel devices’ IPSec VPN functionality. Affected products and versions include Zyxel ATP series firmware 4.32–5.37 Patch 1, USG FLEX series 4.50–5.37 Patch 1, USG FLEX 50(W) 4.16–5.37 Patch 1, and USG20(W)-VPN 4.16–5.37 Patch 1. An attacker could ...

CVE-2023-6764

A format string vulnerability in a function of the IPSec VPN feature in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware versions from 4.50 through 5.37 Patch 1, USG FLEX 50W series firmware versions from 4.16 through 5.37 Patch 1, and USG20W-VPN series...

CVE-2023-6399

A format string vulnerability in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware versions from 4.50 through 5.37 Patch 1, USG FLEX 50W series firmware versions from 4.16 through 5.37 Patch 1, USG20W-VPN series firmware versions from 4.16 through 5.37...

CVE-2023-6399

CVE-2023-6399 is a format-string vulnerability in Zyxel devices (ATP series 4.32–5.37 Patch 1; USG FLEX 4.50–5.37 Patch 1; USG FLEX 50(W) 4.16–5.37 Patch 1; USG20(W)-VPN 4.16–5.37 Patch 1; USG FLEX H 1.10–1.10 Patch 1) that affects the Device Insight feature. The root cause is uncontrolled format...

CVE-2023-6399

A format string vulnerability in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware versions from 4.50 through 5.37 Patch 1, USG FLEX 50W series firmware versions from 4.16 through 5.37 Patch 1, USG20W-VPN series firmware versions from 4.16 through 5.37...

Zyxel ATP Formatting String Error Vulnerability

Zyxel ATP is a firewall from China Heqin Zyxel. A format string error vulnerability exists in Zyxel ATP versions 4.32 through 5.37 Patch 1, which stems from a format string vulnerability in the IPSec VPN feature...

CVE-2024-23113

A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, FortiPAM versions 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3,...

CVE-2024-23113

A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, FortiPAM versions 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3,...

CVE-2024-23113

CVE-2024-23113 is a format-string vulnerability in Fortinet FortiOS, FortiProxy, FortiPAM, and FortiSwitchManager. An attacker can trigger remote code execution by sending specially crafted packets that influence format-string processing in affected components. Affected versions include FortiOS 7...

CVE-2024-23113

A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, FortiPAM versions 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3,...

CVE-2024-23113

A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, FortiPAM versions 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3,...

Fortinet FortiOS 格式化字符串错误漏洞

Fortinet FortiOS is a Fortinet security operating system dedicated to the FortiGate network security platform. Fortinet FortiProxy is a secure network proxy that protects employees from network attacks by combining a variety of detection technologies such as Web filtering, DNS filtering, DLP,...

CVE-2024-23113

A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, FortiPAM versions 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3,...

Zyxel zysh - Format string Exploit

Proof of concept format string exploit for Zyxel zysh. Multiple improper input validation flaws were identified in some CLI commands of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21,...

Zyxel zysh Format String Proof Of Concept

!/usr/bin/expect -f raptorzyshfhtagn.exp - zysh format string PoC exploit Copyright c 2022 Marco Ivaldi "We live on a placid island of ignorance in the midst of black seas of infinity, and it was not meant that we should voyage far." -- H. P. Lovecraft, The Call of Cthulhu "Multiple improper inpu...

Zyxel zysh - Format string

!/usr/bin/expect -f raptorzyshfhtagn.exp - zysh format string PoC exploit Copyright c 2022 Marco Ivaldi "We live on a placid island of ignorance in the midst of black seas of infinity, and it was not meant that we should voyage far." -- H. P. Lovecraft, The Call of Cthulhu "Multiple improper inpu...

Fortinet Fortigate Format String Bug in fgfmd (FG-IR-24-029)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-029 advisory. - A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0...

Fortinet Fortigate Format String Bug in HTTPSd (FG-IR-23-138)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-23-138 advisory. - A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.4, 7.0.0 through 7.0.10,...

K000138508: mod_ssl vulnerability CVE-2004-0700

Security Advisory Description Format string vulnerability in the modproxy hook functions function in sslenginelog.c in modssl before 2.8.19 for Apache before 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages for HTTPS that are...

ComSndFTP Server 1.3.7 Beta Denial Of Service

!/usr/bin/perl ComSndFTP Server Remote Format String Denial of Service DoS use strict; use warnings; use IO::Socket; $| = 1; my $host = "192.168.172.136"; my $port = "21""; my $payload = '%s%p%x%d'; print "Connecting... "; my $sock = IO::Socket::INET-new PeerAddr = $host, PeerPort = $port, Proto ...