CVE-2023-22636 Information

Description

An unauthorized configuration download vulnerability in FortiWeb 6.3.6 through 6.3.21 6.4.0 through 6.4.2 and 7.0.0 through 7.0.4 may allow a local attacker to access confidential configuration files via a crafted http request.

Reference

https://fortiguard.com/psirt/FG-IR-22-460