Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 13/12/2023 Updated: 18/01/2024

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 0

A cross-site request forgery (CSRF) in Fortinet FortiVoiceEnterprise version 6.4.x, 6.0.x, FortiSwitch version 7.0.0 up to and including 7.0.4, 6.4.0 up to and including 6.4.10, 6.2.0 up to and including 6.2.7, 6.0.x, FortiMail version 7.0.0 up to and including 7.0.3, 6.4.0 up to and including 6.4.6, 6.2.x, 6.0.x FortiRecorder version 6.4.0 up to and including 6.4.2, 6.0.x, 2.7.x, 2.6.x, FortiNDR version 1.x.x allows a remote unauthenticated malicious user to execute commands on the CLI via tricking an authenticated administrator to execute malicious GET requests.

Vulnerable Product	Search on Vulmon	Subscribe to Product
fortinet fortiswitch
fortinet fortimail
fortinet fortirecorder
fortinet fortiai 1.5.3
fortinet fortiai 1.1.0
fortinet fortindr 7.1.0
fortinet fortindr
fortinet fortivoice

CWE-352 https://fortiguard.com/psirt/FG-IR-22-038 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2022-27488

Vulnerability Summary

References

Vulmon Search

About

Products

Connect