First published: Tue May 14 2024(Updated: )
A stack-based buffer overflow [CWE-121] vulnerability in Fortinet FortiOS version 7.2.1 through 7.2.6 and version 7.4.0 through 7.4.1 allows a privileged attacker over the administrative interface to execute arbitrary code or commands via crafted HTTP or HTTPs requests.
Credit: psirt@fortinet.com
Affected Software | Affected Version | How to fix |
---|---|---|
Fortinet FortiOS | >=7.4.0<=7.4.1 | |
Fortinet FortiOS | >=7.2.1<=7.2.7 | |
Fortinet FortiOS | >=7.2.1<=7.2.6 | |
Fortinet FortiOS | =7.4.0 | |
Fortinet FortiOS | =7.4.1 |
Please upgrade to FortiOS version 7.4.2 or above Please upgrade to FortiOS version 7.2.8 or above Please upgrade to FortiAuthenticator version 6.6.1 or above Please upgrade to FortiAuthenticator version 6.5.5 or above
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.