A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 up to and including 7.2.5, 7.0.0 up to and including 7.0.11, 2.0.0 up to and including 2.0.13, 1.2.0 up to and including 1.2.13, 1.1.0 up to and including 1.1.6 FortiPAM versions 1.1.0, 1.0.0 up to and including 1.0.3 FortiOS versions 7.4.0, 7.2.0 up to and including 7.2.5, 7.0.0 up to and including 7.0.13, 6.4.0 up to and including 6.4.14, 6.2.0 up to and including 6.2.15 FortiSwitchManager versions 7.2.0 up to and including 7.2.2, 7.0.0 up to and including 7.0.2 allows malicious user to execute unauthorized code or commands via specially crafted cli commands and http requests.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fortinet fortiproxy |
||
fortinet fortiswitchmanager |
||
fortinet fortios |
||
fortinet fortios 7.4.0 |
||
fortinet fortipam 1.1.0 |
||
fortinet fortipam |