CVE-2023-36640 Information

May 15, 2024 cve

Description

A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.4 7.0.0 through 7.0.10 2.0.0 through 2.0.13 1.2.0 through 1.2.13 1.1.0 through 1.1.6 1.0.0 through 1.0.7 FortiPAM versions 1.0.0 through 1.0.3 FortiOS versions 7.2.0 7.0.0 through 7.0.12 6.4.0 through 6.4.14 6.2.0 through 6.2.15 6.0.0 through 6.0.16 allows attacker to execute unauthorized code or commands via specially crafted commands

Reference

https://fortiguard.com/psirt/FG-IR-23-137

Share on: