VYPR
Unrated severityNVD Advisory· Published Apr 9, 2024· Updated Aug 2, 2024

CVE-2023-48784

CVE-2023-48784

Description

A use of externally-controlled format string vulnerability [CWE-134] in FortiOS version 7.4.1 and below, version 7.2.7 and below, 7.0 all versions, 6.4 all versions command line interface may allow a local privileged attacker with super-admin profile and CLI access to execute arbitrary code or commands via specially crafted requests.

Affected products

2
  • Fortinet/Fortiosllm-fuzzy2 versions
    <=7.4.1, <=7.2.7, <=7.0 all, <=6.4 all+ 1 more
    • (no CPE)range: <=7.4.1, <=7.2.7, <=7.0 all, <=6.4 all
    • (no CPE)range: 7.4.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.