PT-2023-3053 · Fortinet · Fortiweb
Published 2023-02-16 · Updated 2023-02-27
CVE-2022-40683
CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
FortiWeb versions 7.0.0 through 7.0.3
Description
The issue is a double free in the software, which may allow an attacker to execute unauthorized code or commands via specially crafted commands.
Recommendations
For FortiWeb versions 7.0.0 through 7.0.3, update to a version that contains a fix for this issue to prevent potential code execution.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Double Free
Weakness Enumeration
Related Identifiers
Affected Products
Fortiweb