Stack-based Buffer Overflow in Fortinet FortiWeb: Unauthorized Code Execution via Crafted Command Arguments

Stack-based Buffer Overflow in Fortinet FortiWeb: Unauthorized Code Execution via Crafted Command Arguments

CVE-2023-25602 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

A stack-based buffer overflow in Fortinet FortiWeb 6.4 all versions, FortiWeb versions 6.3.17 and earlier, FortiWeb versions 6.2.6 and earlier, FortiWeb versions 6.1.2 and earlier, FortiWeb versions 6.0.7 and earlier, FortiWeb versions 5.9.1 and earlier, FortiWeb 5.8 all versions, FortiWeb 5.7 all versions, FortiWeb 5.6 all versions allows attacker to execute unauthorized code or commands via specially crafted command arguments.

Learn more about our Cis Benchmark Audit For Fortinet.