VYPR
Critical severity9.8NVD Advisory· Published Jan 14, 2025· Updated Jun 17, 2026

CVE-2023-37936

CVE-2023-37936

Description

A use of hard-coded cryptographic key in Fortinet FortiSwitch version 7.4.0 and 7.2.0 through 7.2.5 and 7.0.0 through 7.0.7 and 6.4.0 through 6.4.13 and 6.2.0 through 6.2.7 and 6.0.0 through 6.0.7 allows attacker to execute unauthorized code or commands via crafted requests.

Affected products

2
  • Fortinet/FortiSwitch GUIcpe-rescue2 versions
    cpe:2.3:a:fortinet:fortiswitch:7.4.0:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:fortinet:fortiswitch:7.4.0:*:*:*:*:*:*:*range: 7.4.0
    • (no CPE)range: 7.4.0, 7.2.0-7.2.5, 7.0.0-7.0.7, 6.4.0-6.4.13, 6.2.0-6.2.7, 6.0.0-6.0.7

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.