PT-2025-24705 · Fortinet · Fortiproxy+1
Published
2025-06-10
·
Updated
2025-06-10
·
CVE-2023-29184
CVSS v3.1
3.2
Low
| Vector | AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
FortiOS versions prior to 7.2.3
FortiProxy versions 7.2.0 through 7.2.2
FortiProxy versions prior to 7.0.8
Description
An incomplete cleanup issue allows a VDOM privileged attacker to add SSH key files on the system silently via crafted CLI requests.
Recommendations
For FortiOS versions prior to 7.2.3, update to version 7.2.3 or later.
For FortiProxy versions 7.2.0 through 7.2.2, update to version 7.2.3 or later.
For FortiProxy versions prior to 7.0.8, update to version 7.0.8 or later.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Fortios
Fortiproxy