A buffer underwrite ('buffer underflow') vulnerability in the administrative interface of Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.6, version 6.4.0 through 6.4.11 and version 6.2.12 and below, FortiProxy version 7.2.0 through 7.2.2, version 7.0.0 through 7.0.8, version 2.0.12 and below and FortiOS-6K7K version 7.0.5, version 6.4.0 through 6.4.10 and version 6.2.0 through 6.2.10 and below allows a remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HFortinet Fortianalyzer
APPFortinet7.2.07.0.0 – 7.0.5 (bez)6.4.0 – 6.4.12 (bez)6.2.0 – 6.2.11 (bez)6.0.0 – 6.0.12 (bez)Fortinet Fortimanager
APPFortinet7.2.06.2.0 – 6.2.11 (bez)7.0.0 – 7.0.5 (bez)6.4.0 – 6.4.12 (bez)6.0.0 – 6.0.12 (bez)Fortinet FortiOS
OSFortinet6.4.0 – 6.4.12 (bez)7.2.0 – 7.2.4 (bez)7.0.0 – 7.0.10 (bez)5.0.0 – 6.2.13 (bez)Fortinet FortiOS 6k7k
APPFortinet7.0.56.4.2 – 6.4.12 (bez)6.0.4 – 6.2.13 (bez)Fortinet Fortiproxy
APPFortinet7.2.0 – 7.2.3 (bez)1.1.0 – 7.0.9 (bez)Fortinet Fortiswitch
OSFortinet7.0.0 – 7.0.7 (bez)7.2.0 – 7.2.4 (bez)Fortinet Fortiswitchmanager
APPFortinet7.2.0 – 7.2.2 (bez)7.0.0 – 7.0.2 (bez)Fortinet Fortiweb
APPFortinet6.2.0 – 6.2.8 (bez)7.2.0 – 7.2.2 (bez)7.0.0 – 7.0.7 (bez)6.4.0 – 6.4.3 (bez)6.3.0 – 6.3.23 (bez)6.1.0 – 6.1.4 (bez)
Related vulnerabilities
Fortinet – Auth Bypass przez FortiCloud SSO w wielu produktach
Fortinet FortiOS/FortiProxy/FortiSwitchManager — Auth Bypass przez SAML
Path Traversal w Fortinet FortiWeb umożliwiający zdalne wykonanie poleceń
Krytyczna podatność SQL Injection w Fortinet FortiWeb — obejście uwierzytelnienia
Authentication Bypass w FortiOS i FortiProxy — przejęcie uprawnień super-admin