VYPR
Unrated severityNVD Advisory· Published Apr 11, 2023· Updated Oct 22, 2024

CVE-2023-22641

CVE-2023-22641

Description

A url redirection to untrusted site ('open redirect') in Fortinet FortiOS version 7.2.0 through 7.2.3, FortiOS version 7.0.0 through 7.0.9, FortiOS versions 6.4.0 through 6.4.12, FortiOS all versions 6.2, FortiOS all versions 6.0, FortiProxy version 7.2.0 through 7.2.2, FortiProxy version 7.0.0 through 7.0.8, FortiProxy all versions 2.0, FortiProxy all versions 1.2, FortiProxy all versions 1.1, FortiProxy all versions 1.0 allows an authenticated attacker to execute unauthorized code or commands via specially crafted requests.

Affected products

4
  • Fortinet/Fortiproxyllm-fuzzy2 versions
    >=1.0, <=7.2.2, except unknown specific patch+ 1 more
    • (no CPE)range: >=1.0, <=7.2.2, except unknown specific patch
    • (no CPE)range: 7.2.0
  • Fortinet/Fortiosllm-fuzzy2 versions
    >=6.0, <=7.2.3, except unknown specific patch+ 1 more
    • (no CPE)range: >=6.0, <=7.2.3, except unknown specific patch
    • (no CPE)range: 7.2.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.