A out-of-bounds write in Fortinet FortiOS 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, FortiProxy 7.4.0, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 2.0.0 through 2.0.13 allows attacker to execute unauthorized code or commands via specially crafted HTTP requests.
2024-03-12T15:15:46.107
2024-11-21T08:23:09.387
Modified
CVSSv3.1: 9.8 (CRITICAL)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | fortinet | fortiproxy | ≤ 2.0.13 | Yes |
| Application | fortinet | fortiproxy | ≤ 7.0.12 | Yes |
| Application | fortinet | fortiproxy | ≤ 7.2.6 | Yes |
| Application | fortinet | fortiproxy | 7.4.0 | Yes |
| Operating System | fortinet | fortios | ≤ 6.2.15 | Yes |
| Operating System | fortinet | fortios | ≤ 6.4.14 | Yes |
| Operating System | fortinet | fortios | ≤ 7.0.12 | Yes |
| Operating System | fortinet | fortios | ≤ 7.2.5 | Yes |
| Operating System | fortinet | fortios | 7.4.0 | Yes |
| Operating System | fortinet | fortios | 7.4.1 | Yes |