A heap-based buffer overflow vulnerability [CWE-122] in FortiOS SSL-VPN 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0 through 6.4.10, 6.2.0 through 6.2.11, 6.0.15 and earlier and FortiProxy SSL-VPN 7.2.0 through 7.2.1, 7.0.7 and earlier may allow a remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests.
References
History

Wed, 23 Oct 2024 14:15:00 +0000

Type Values Removed Values Added
Metrics kev

{'dateAdded': '2022-12-13'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'active', 'Technical Impact': 'total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: fortinet

Published: 2023-01-02T08:18:49.444Z

Updated: 2024-10-23T13:27:24.950Z

Reserved: 2022-10-07T14:05:36.301Z

Link: CVE-2022-42475

cve-icon Vulnrichment

Updated: 2024-08-03T13:10:40.927Z

cve-icon NVD

Status : Modified

Published: 2023-01-02T09:15:09.490

Modified: 2024-11-21T07:25:02.680

Link: CVE-2022-42475

cve-icon Redhat

No data.