CVE-2023-23782

Summary

A heap-based buffer overflow in Fortinet FortiWeb version 7.0.0 through 7.0.1, FortiWeb version 6.3.0 through 6.3.19, FortiWeb 6.4 all versions, FortiWeb 6.2 all versions, FortiWeb 6.1 all versions allows attacker to escalation of privilege via specifically crafted arguments to existing commands.

Affected Software

VendorProductVersion RangeStatus
FortinetFortiWeb7.0.0 <= 7.0.1affected
FortinetFortiWeb6.4.0 <= 6.4.2affected
FortinetFortiWeb6.3.0 <= 6.3.19affected
FortinetFortiWeb6.2.0 <= 6.2.7affected
FortinetFortiWeb6.1.0 <= 6.1.3affected
FortinetFortiWeb6.0.0 <= 6.0.8affected

Weaknesses

  • CWE-122: Escalation of privilege

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References