First published: Tue Nov 14 2023(Updated: )
Multiple buffer copy without checking size of input ('classic buffer overflow') vulnerabilities [CWE-120] in FortiADC version 7.2.0 and before 7.1.2 & FortiDDoS-F version 6.5.0 and before 6.4.1 allows a privileged attacker to execute arbitrary code or commands via specifically crafted CLI requests.
|Affected Software||Affected Version||How to fix|
CVE-2023-29177 is a vulnerability in FortiADC version 7.2.0 and before 7.1.2 & FortiDDoS-F version 6.5.0 and before 6.4.1 that allows a privileged attacker to execute arbitrary code or commands via specifically crafted CLI requests.
CVE-2023-29177 has a severity level of medium with a score of 6.2.
FortiADC versions 7.2.0 and before 7.1.2, and FortiDDoS-F versions 6.5.0 and before 6.4.1 are affected by CVE-2023-29177.
A privileged attacker can exploit CVE-2023-29177 by sending specifically crafted CLI requests to execute arbitrary code or commands.
You can find more information about CVE-2023-29177 at the following link: https://fortiguard.com/psirt/FG-IR-23-064