A stack-based buffer overflow vulnerability [CWE-121] in FortiWeb version 7.0.1 and earlier, 6.4 all versions, version 6.3.19 and earlier may allow a privileged attacker to execute arbitrary code or commands via specifically crafted CLI `execute backup-local rename` and `execute backup-local show` operations.
References
| Link | Resource |
|---|---|
| https://fortiguard.com/psirt/FG-IR-22-164 | Patch, Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: fortinet
Published: 2023-02-16T18:06:11.661Z
Updated: 2023-02-16T18:06:11.661Z
Reserved: 2022-06-16T11:14:43.763Z
Link: CVE-2022-33871
NVD Information
Status: Modified
Published: 2023-02-16T19:15:12.730
Modified: 2023-11-07T03:48:22.917
Link: CVE-2022-33871
Redhat Information
No data.