Main Vulnerability Database Exploits ID:9150 - Exploit for Buffer Underwrite ('Buffer Underflow') in FortiOS and FortiProxy - CVE-2023-25610

ID:9150 - Exploit for Buffer Underwrite ('Buffer Underflow') in FortiOS and FortiProxy - CVE-2023-25610

Published: June 26, 2023

Vulnerability identifier: #VU73200

Vulnerability risk: High

CVE-ID: CVE-2023-25610

CWE-ID: CWE-124

Exploitation vector: Remote access

Vulnerable software:
FortiOS
FortiProxy

Link to public exploit:

https://github.com/qi4L/CVE-2023-25610

Vulnerability description

The vulnerability allows a remote attacker to compromise the affected device.

The vulnerability exists due to a heap buffer underflow in the administrative interface. A remote non-authenticated attacker can send a specially crafted request to the administrative web interface of the affected device, trigger memory corruption and execute arbitrary code on the system.

Remediation

Install updates from vendor's website.

ID:9150 - Exploit for Buffer Underwrite ('Buffer Underflow') in FortiOS and FortiProxy - CVE-2023-25610

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human