PT-2024-5553 · Fortinet · FortiADC

Published: 2024-05-12 · Updated: 2024-09-09 · CVE-2023-50181

CVSS v2.0: 6.8 (Medium)

Vector: AV:N/AC:L/Au:S/C:N/I:C/A:N

Name of the Vulnerable Software and Affected Versions

FortiADC versions 7.4.0 through 7.4.1
FortiADC versions prior to 7.2.4

Description

The issue is related to improper access control in the administrative interface of FortiADC, allowing a remote attacker to gain write access to arbitrary files by sending specially crafted HTTP or HTTPS requests. This can enable a read-only authenticated attacker to perform certain write actions.

Recommendations

For FortiADC versions 7.4.0 through 7.4.1, update to a version outside of this range to resolve the issue.
For FortiADC versions prior to 7.2.4, update to version 7.2.4 or later to resolve the issue.
As a temporary workaround, consider restricting access to the administrative interface to minimize the risk of exploitation.

Fix

Improper Access Control

Weakness Enumeration

Related Identifiers

BDU:2024-06232
CVE-2023-50181

Affected Products

FortiADC