CVE-2023-46714

A stack-based buffer overflow [CWE-121] vulnerability in Fortinet FortiOS version 7.2.1 through 7.2.6 and version 7.4.0 through 7.4.1 allows a privileged attacker over the administrative interface to execute arbitrary code or commands via crafted HTTP or HTTPs requests.
References
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*

History

21 Nov 2024, 08:29

Type Values Removed Values Added
References () https://fortiguard.com/psirt/FG-IR-23-415 - Vendor Advisory () https://fortiguard.com/psirt/FG-IR-23-415 - Vendor Advisory

23 May 2024, 16:03

Type Values Removed Values Added
First Time Fortinet fortios
Fortinet
References () https://fortiguard.com/psirt/FG-IR-23-415 - () https://fortiguard.com/psirt/FG-IR-23-415 - Vendor Advisory
CPE cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*
Summary
  • (es) Una vulnerabilidad de desbordamiento de búfer en la región stack de la memoria [CWE-121] en Fortinet FortiOS versión 7.2.1 a 7.2.6 y versión 7.4.0 a 7.4.1 permite a un atacante privilegiado sobre la interfaz administrativa ejecutar código o comandos arbitrarios a través de HTTP o Solicitudes HTTP.

14 May 2024, 17:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-05-14 17:15

Updated : 2024-11-21 08:29


NVD link : CVE-2023-46714

Mitre link : CVE-2023-46714

CVE.ORG link : CVE-2023-46714


JSON object : View

Products Affected

fortinet

  • fortios
CWE
CWE-121

Stack-based Buffer Overflow