Multiple Vulnerabilities in Fortinet FortiOS and FortiProxy SSL VPN
CVE-2023-37930
6.7MEDIUM
What is CVE-2023-37930?
Fortinet products, specifically FortiOS and FortiProxy in certain SSL VPN configurations, are affected by multiple vulnerabilities that involve the use of uninitialized resources and excessive iterations. This may allow a VPN user to exploit the system through specially crafted requests, potentially leading to memory corruption and unauthorized execution of code or commands.
Affected Version(s)
FortiOS 7.4.0
FortiOS 7.2.0 <= 7.2.5
FortiOS 7.0.1 <= 7.0.11