CVE-2023-46720

A stack-based buffer overflow in Fortinet FortiOS version 7.4.0 through 7.4.1 and 7.2.0 through 7.2.7 and 7.0.0 through 7.0.12 and 6.4.6 through 6.4.15 and 6.2.9 through 6.2.16 and 6.0.13 through 6.0.18 allows attacker to execute unauthorized code or commands via specially crafted CLI commands.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*

History

21 Nov 2024, 08:29

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 7.8
v2 : unknown
v3 : 6.7
References () https://fortiguard.fortinet.com/psirt/FG-IR-23-356 - Vendor Advisory () https://fortiguard.fortinet.com/psirt/FG-IR-23-356 - Vendor Advisory

23 Aug 2024, 02:42

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 6.7
v2 : unknown
v3 : 7.8
First Time Fortinet
Fortinet fortios
References () https://fortiguard.fortinet.com/psirt/FG-IR-23-356 - () https://fortiguard.fortinet.com/psirt/FG-IR-23-356 - Vendor Advisory
CWE CWE-787
CPE cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*

13 Jun 2024, 18:36

Type Values Removed Values Added
Summary
  • (es) Un desbordamiento de búfer basado en pila en Fortinet FortiOS versión 7.4.0 a 7.4.1 y 7.2.0 a 7.2.7 y 7.0.0 a 7.0.12 y 6.4.6 a 6.4.15 y 6.2.9 a 6.2.16 y Las versiones 6.0.13 a 6.0.18 permiten a un atacante ejecutar código o comandos no autorizados a través de comandos CLI especialmente manipulados.

11 Jun 2024, 15:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-06-11 15:15

Updated : 2024-11-21 08:29


NVD link : CVE-2023-46720

Mitre link : CVE-2023-46720

CVE.ORG link : CVE-2023-46720


JSON object : View

Products Affected

fortinet

  • fortios
CWE
CWE-121

Stack-based Buffer Overflow

CWE-787

Out-of-bounds Write