Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-9ggx-97wx-426m

Опубликовано: 16 фев. 2023
Источник: github
Github: Не прошло ревью
CVSS3: 7.8

Описание

A stack-based buffer overflow in Fortinet FortiWeb 6.4 all versions, FortiWeb versions 6.3.17 and earlier, FortiWeb versions 6.2.6 and earlier, FortiWeb versions 6.1.2 and earlier, FortiWeb versions 6.0.7 and earlier, FortiWeb versions 5.9.1 and earlier, FortiWeb 5.8 all versions, FortiWeb 5.7 all versions, FortiWeb 5.6 all versions allows attacker to execute unauthorized code or commands via specially crafted command arguments.

A stack-based buffer overflow in Fortinet FortiWeb 6.4 all versions, FortiWeb versions 6.3.17 and earlier, FortiWeb versions 6.2.6 and earlier, FortiWeb versions 6.1.2 and earlier, FortiWeb versions 6.0.7 and earlier, FortiWeb versions 5.9.1 and earlier, FortiWeb 5.8 all versions, FortiWeb 5.7 all versions, FortiWeb 5.6 all versions allows attacker to execute unauthorized code or commands via specially crafted command arguments.

Ссылки

EPSS

Процентиль: 30%
0.00112
Низкий

7.8 High

CVSS3

CVE ID

CVE-2023-25602

Дефекты

CWE-787

Связанные уязвимости

nvd логотип

CVE-2023-25602

CVSS3: 7.8
nvd
почти 3 года назад

A stack-based buffer overflow in Fortinet FortiWeb 6.4 all versions, FortiWeb versions 6.3.17 and earlier, FortiWeb versions 6.2.6 and earlier, FortiWeb versions 6.1.2 and earlier, FortiWeb versions 6.0.7 and earlier, FortiWeb versions 5.9.1 and earlier, FortiWeb 5.8 all versions, FortiWeb 5.7 all versions, FortiWeb 5.6 all versions allows attacker to execute unauthorized code or commands via specially crafted command arguments.

fstec логотип

BDU:2023-03118

CVSS3: 7.8
fstec
почти 3 года назад

Уязвимость межсетевого экрана веб-приложений FortiWeb, связанная с записью за границами буфера в памяти, позволяющая нарушителю выполнить произвольный код

EPSS

Процентиль: 30%
0.00112
Низкий

7.8 High

CVSS3

CVE ID

CVE-2023-25602

Дефекты

CWE-787