Rewterz Threat Advisory – Multiple Fortinet Products Vulnerabilities

Severity

High

Analysis Summary

CVE-2022-23447 CVSS:7.5

Fortinet FortiExtender could allow a remote attacker to traverse directories on the system, caused by improper validation of user requests. An attacker could send a specially-crafted URL request containing “dot dot” sequences (/../) to view arbitrary files on the system.

CVE-2023-33308 CVSS:9.8

Fortinet FortiOS and Fortinet FortiProxy are vulnerable to a stack-based buffer overflow, caused by improper bounds checking. By sending specially crafted packets, a remote attacker could overflow a buffer and execute arbitrary code or commands on the system.

Impact

• Information Disclosure
• Buffer Overflow

Indicators Of Compromise

CVE

• CVE-2022-23447
• CVE-2023-33308

Affected Vendors

Fortinet

Affected Products

• Fortinet FortiExtender 7.0.3
• Fortinet FortiExtender 7.0.0
• Fortinet FortiExtender 4.2.4
• Fortinet FortiExtender 4.2.0
• Fortinet FortiExtender 4.1.8
• Fortinet FortiExtender 4.1.1
• Fortinet FortiExtender 4.0.2
• Fortinet FortiExtender 4.0.0
• Fortinet FortiExtender 3.3.2
• Fortinet FortiExtender 3.3.0
• Fortinet FortiExtender 3.2.3
• Fortinet FortiExtender 3.2.1
• Fortinet FortiExtender 5.3
• Fortinet FortiOS 7.0.0
• Fortinet FortiProxy 7.0.0
• Fortinet FortiOS 7.2.0
• Fortinet FortiProxy 7.2.0
• Fortinet FortiOS 7.2.3
• Fortinet FortiProxy 7.0.8
• Fortinet FortiProxy 7.2.2
• Fortinet FortiOS 7.0.10

Remediation

Refer to FortiGuard Advisory for patch, upgrade or suggested workaround information.

CVE-2022-23447

CVE-2023-33308