Unrated severity · NVD Advisory · Published Mar 31, 2025 · Updated Mar 31, 2025

CVE-2023-33302


Description

A buffer copy without checking size of input ('classic buffer overflow') in Fortinet FortiMail webmail and administrative interface version 6.4.0 through 6.4.4 and before 6.2.6 and FortiNDR administrative interface version 7.2.0 and before 7.1.0 allows an authenticated attacker with regular webmail access to trigger a buffer overflow and to possibly execute unauthorized code or commands via specifically crafted HTTP requests.


Affected products

4
  • Fortinet/Fortimail · v5 · 2 versions
    cpe:2.3:a:fortinet:fortimail:6.4.4:*:*:*:*:*:*:* + 1 more
    • cpe:2.3:a:fortinet:fortimail:6.4.4:*:*:*:*:*:*:* range: 6.4.0
    • (no CPE) range: >=6.4.0 <=6.4.4
  • Fortinet/Fortindr · llm-fuzzy · 2 versions
    >=7.2.0 <=7.2.0 + 1 more
    • (no CPE) range: >=7.2.0 <=7.2.0
    • (no CPE) range: 7.2.0
