CVE-2023-23780

A stack-based buffer overflow in Fortinet FortiWeb version 7.0.0 through 7.0.1, Fortinet FortiWeb version 6.3.6 through 6.3.19, Fortinet FortiWeb 6.4 all versions allows attacker to escalation of privilege via specifically crafted HTTP requests.
References
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*

History

21 Nov 2024, 07:46

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 8.8
v2 : unknown
v3 : 8.0
References () https://fortiguard.com/psirt/FG-IR-22-118 - Vendor Advisory () https://fortiguard.com/psirt/FG-IR-22-118 - Vendor Advisory

Information

Published : 2023-02-16 19:15

Updated : 2024-11-21 07:46


NVD link : CVE-2023-23780

Mitre link : CVE-2023-23780

CVE.ORG link : CVE-2023-23780


JSON object : View

Products Affected

fortinet

  • fortiweb
CWE
CWE-121

Stack-based Buffer Overflow

CWE-787

Out-of-bounds Write