CVE-2023-34984

CVSS 7.1 HIGHEPSS 0.7%CWE-693

A protection mechanism failure in Fortinet FortiWeb 7.2.0 through 7.2.1, 7.0.0 through 7.0.6, 6.4.0 through 6.4.3, 6.3.6 through 6.3.23 allows attacker to execute unauthorized code or commands via specially crafted HTTP requests.

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C

Affected products

Fortinet · FortiWeb

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://fortiguard.com/psirt/FG-IR-23-068