Return to CVE list

CVE-2023-37930

7.5
Critical

CVE-2023-37930

psirt@fortinet.com
Awaiting Analysis
View on MITREFind on GitHub

Description

Multiple issues including the use of uninitialized ressources [CWE-908] and excessive iteration [CWE-834] vulnerabilities in Fortinet FortiOS SSL VPN webmode version 7.4.0, version 7.2.0 through 7.2.5, version 7.0.1 through 7.0.11 and version 6.4.7 through 6.4.14 and Fortinet FortiProxy SSL VPN webmode version 7.2.0 through 7.2.6 and version 7.0.0 through 7.0.12 allows a VPN user to corrupt memory potentially leading to code or commands execution via specifically crafted requests.

Exploits

No known exploits found for this CVE.

Search Exploit-DB

References

psirt@fortinet.com
https://fortiguard.com/psirt/FG-IR-23-165