CVE-2024-21762

Severity CVSS v4.0:
Pending analysis
Type:
CWE-787 Out-of-bounds Write
Publication date:
09/02/2024
Last modified:
29/11/2024

Description

A out-of-bounds write in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.17, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows attacker to execute unauthorized code or commands via specifically crafted requests

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:* 1.0.0 (including) 2.0.14 (excluding)
cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:* 7.0.0 (including) 7.0.15 (excluding)
cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:* 7.2.0 (including) 7.2.9 (excluding)
cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:* 7.4.0 (including) 7.4.3 (excluding)
cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:* 6.0.0 (including) 6.0.18 (excluding)
cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:* 6.2.0 (including) 6.2.16 (excluding)
cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:* 6.4.0 (including) 6.4.15 (excluding)
cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:* 7.0.0 (including) 7.0.14 (excluding)
cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:* 7.2.0 (including) 7.2.7 (excluding)
cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:* 7.4.0 (including) 7.4.3 (excluding)