CVSS: 4.8EPSS: 0%CPEs: 9EXPL: 0CVE-2023-29175
https://notcve.org/view.php?id=CVE-2023-29175
An improper certificate validation vulnerability [CWE-295] in FortiOS 6.2 all versions, 6.4 all versions, 7.0.0 through 7.0.10, 7.2.0 and FortiProxy 1.2 all versions, 2.0 all versions, 7.0.0 through 7.0.9, 7.2.0 through 7.2.3 may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the communication channel between the vulnerable device and the remote FortiGuard's map server. • https://fortiguard.com/psirt/FG-IR-22-468 • CWE-295: Improper Certificate Validation •
CVSS: 9.8EPSS: 9%CPEs: 25EXPL: 6CVE-2023-27997 – Fortinet FortiOS and FortiProxy SSL-VPN Heap-Based Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2023-27997
A heap-based buffer overflow vulnerability [CWE-122] in FortiOS version 7.2.4 and below, version 7.0.11 and below, version 6.4.12 and below, version 6.0.16 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below, version 1.2 all versions, version 1.1 all versions SSL-VPN may allow a remote attacker to execute arbitrary code or commands via specifically crafted requests. Fortinet FortiOS and FortiProxy SSL-VPN contain a heap-based buffer overflow vulnerability which can allow an unauthenticated, remote attacker to execute code or commands via specifically crafted requests. • https://github.com/rio128128/CVE-2023-27997-POC https://github.com/BishopFox/CVE-2023-27997-check https://github.com/delsploit/CVE-2023-27997 https://github.com/imbas007/CVE-2023-27997-Check https://github.com/Cyb3rEnthusiast/CVE-2023-27997 https://github.com/awchjimmy/CVE-2023-27997-tutorial https://fortiguard.com/psirt/FG-IR-23-097 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-26207
https://notcve.org/view.php?id=CVE-2023-26207
An insertion of sensitive information into log file vulnerability in Fortinet FortiOS 7.2.0 through 7.2.4 and FortiProxy 7.0.0 through 7.0.10. 7.2.0 through 7.2.1 allows an attacker to read certain passwords in plain text. • https://fortiguard.com/psirt/FG-IR-22-455 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 0CVE-2023-22639
https://notcve.org/view.php?id=CVE-2023-22639
A out-of-bounds write in Fortinet FortiOS version 7.2.0 through 7.2.3, FortiOS version 7.0.0 through 7.0.10, FortiOS version 6.4.0 through 6.4.12, FortiOS all versions 6.2, FortiOS all versions 6.0, FortiProxy version 7.2.0 through 7.2.2, FortiProxy version 7.0.0 through 7.0.8, FortiProxy all versions 2.0, FortiProxy all versions 1.2, FortiProxy all versions 1.1, FortiProxy all versions 1.0 allows attacker to escalation of privilege via specifically crafted commands. • https://fortiguard.com/psirt/FG-IR-22-494 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2022-43953
https://notcve.org/view.php?id=CVE-2022-43953
A use of externally-controlled format string in Fortinet FortiOS version 7.2.0 through 7.2.4, FortiOS all versions 7.0, FortiOS all versions 6.4, FortiOS all versions 6.2, FortiProxy version 7.2.0 through 7.2.1, FortiProxy version 7.0.0 through 7.0.7 allows attacker to execute unauthorized code or commands via specially crafted commands. • https://fortiguard.com/psirt/FG-IR-22-463 • CWE-134: Use of Externally-Controlled Format String •