PT-2023-8801 · Fortinet · FortiProxy +1

Published: 2023-02-09 · Updated: 2024-04-18 · CVE-2023-42789

CVSS v2.0: 10 (Critical)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions

Fortinet FortiOS versions 6.2.0 through 6.2.15
Fortinet FortiOS versions 6.4.0 through 6.4.14
Fortinet FortiOS versions 7.0.0 through 7.0.12
Fortinet FortiOS versions 7.2.0 through 7.2.5
Fortinet FortiOS versions 7.4.0 through 7.4.1
FortiProxy versions 2.0.0 through 2.0.13
FortiProxy versions 7.0.0 through 7.0.12
FortiProxy versions 7.2.0 through 7.2.6
FortiProxy version 7.4.0
Description

An out-of-bounds write in Fortinet FortiOS and FortiProxy allows an attacker to execute unauthorized code or commands via specially crafted HTTP requests. It can be triggered by a remote, unauthenticated attacker and results in arbitrary code execution. The vulnerable code is in the captive portal, which should not be reachable from the Internet, so the realistic threat is an attacker who already has access to the internal network (an "inside attacker").
Recommendations

Update every affected release to a fixed version:

Fortinet FortiOS versions 6.2.0 through 6.2.15
Fortinet FortiOS versions 6.4.0 through 6.4.14
Fortinet FortiOS versions 7.0.0 through 7.0.12
Fortinet FortiOS versions 7.2.0 through 7.2.5
Fortinet FortiOS versions 7.4.0 through 7.4.1
FortiProxy versions 2.0.0 through 2.0.13
FortiProxy versions 7.0.0 through 7.0.12
FortiProxy versions 7.2.0 through 7.2.6
FortiProxy version 7.4.0

As a temporary workaround, restrict access to the captive portal to minimize the risk of exploitation.
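An added example (not from this advisory and not Fortinet tooling) that checks a constructed device inventory against the affected version ranges listed above, so an operator can see which FortiOS and FortiProxy builds still need updating; the hostnames and versions in the sample inventory are made up.

```python
from typing import Dict, List, Tuple

Version = Tuple[int, ...]

# Inclusive affected ranges, copied from the advisory text above.
AFFECTED_RANGES: Dict[str, List[Tuple[str, str]]] = {
    "FortiOS": [("6.2.0", "6.2.15"), ("6.4.0", "6.4.14"), ("7.0.0", "7.0.12"),
                ("7.2.0", "7.2.5"), ("7.4.0", "7.4.1")],
    "FortiProxy": [("2.0.0", "2.0.13"), ("7.0.0", "7.0.12"), ("7.2.0", "7.2.6"),
                   ("7.4.0", "7.4.0")],
}

def parse_version(text: str) -> Version:
    """Turn 'v7.0.12' or '7.0' into a 3-part comparable tuple, e.g. (7, 0, 12)."""
    parts = text.strip().lstrip("vV").split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised version string: {text!r}")
    parts += ["0"] * (3 - len(parts))  # '7.0' compares as 7.0.0
    return tuple(int(p) for p in parts)

def is_affected(product: str, version: str) -> bool:
    """True if product/version falls inside any affected range (inclusive bounds)."""
    v = parse_version(version)
    return any(parse_version(low) <= v <= parse_version(high)
               for low, high in AFFECTED_RANGES.get(product, []))

def scan_inventory(inventory):
    """Return the (host, product, version) entries that still need updating."""
    return [entry for entry in inventory if is_affected(entry[1], entry[2])]

# Constructed sample inventory; hostnames and versions are made up.
SAMPLE_INVENTORY = [
    ("fw-edge-01", "FortiOS", "7.0.12"),
    ("fw-edge-02", "FortiOS", "7.0.13"),
    ("proxy-dc-01", "FortiProxy", "v7.2.6"),
    ("proxy-dc-02", "FortiProxy", "7.4.1"),
    ("fw-branch-07", "FortiOS", "6.4.9"),
]

if __name__ == "__main__":
    for host, product, version in scan_inventory(SAMPLE_INVENTORY):
        print(f"{host}: {product} {version} is affected, update to a fixed version")
```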

Weakness Enumeration

Memory Corruption

Related Identifiers

BDU:2024-01949
CVE-2023-42789

Affected Products

FortiOS
FortiProxy