A stack-based overflow vulnerability [CWE-124] in Fortinet FortiOS version 7.0.0 through 7.0.10 and 7.2.0 through 7.2.3 and FortiProxy version 7.0.0 through 7.0.9 and 7.2.0 through 7.2.2 allows a remote unauthenticated attacker to execute arbitrary code or command via crafted packets reaching proxy policies or firewall policies with proxy mode alongside deep or full packet inspection.
References
History

Wed, 23 Oct 2024 13:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: fortinet

Published: 2023-07-26T14:00:25.931Z

Updated: 2024-10-23T13:07:25.250Z

Reserved: 2023-05-22T07:58:22.197Z

Link: CVE-2023-33308

cve-icon Vulnrichment

Updated: 2024-08-02T15:39:36.270Z

cve-icon NVD

Status : Modified

Published: 2023-07-26T15:15:10.347

Modified: 2024-11-21T08:05:23.120

Link: CVE-2023-33308

cve-icon Redhat

No data.