CVE-2023-37935 Information

Description

A use of GET request method with sensitive query strings vulnerability in Fortinet FortiOS 7.0.0 - 7.0.12 7.2.0 - 7.2.5 and 7.4.0 allows an attacker to view plaintext passwords of remote services such as RDP or VNC if the attacker is able to read the GET requests to those services.

Reference

https://fortiguard.com/psirt/FG-IR-23-120