CVE-2023-36642

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Sep 13, 2023

Updated: Nov 7, 2023

CWE ID 78

CWE ID 77

Summary

CVE-2023-36642 is a vulnerability affecting FortiTester versions 3.0.0 to 7.2.3. This issue, classified as CWE-78 (Improper Neutralization of Special Elements used in an OS Command), allows authenticated attackers to execute unauthorized commands. By providing specifically crafted arguments to existing commands, they can manipulate the management interface, potentially leading to significant security implications.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Fortinet Fortitester

Affected Vendors

Fortinet

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/rx6cCM
https://www.cve.org/CVERecord?id=CVE-2023-36642
https://nvd.nist.gov/vuln/detail/CVE-2023-36642

Back to Vulnerability Database