CVE-2023-25610

{"id": "CVE-2023-25610", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "psirt@fortinet.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2025-03-24T16:15:17.273", "references": [{"url": "https://fortiguard.com/psirt/FG-IR-23-001", "tags": ["Vendor Advisory"], "source": "psirt@fortinet.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "psirt@fortinet.com", "description": [{"lang": "en", "value": "CWE-124"}]}], "descriptions": [{"lang": "en", "value": "A buffer underwrite ('buffer underflow') vulnerability in the administrative interface of Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.6, version 6.4.0 through 6.4.11 and version 6.2.12 and below, FortiProxy version 7.2.0 through 7.2.2, version 7.0.0 through 7.0.8, version 2.0.12 and below and FortiOS-6K7K version 7.0.5, version 6.4.0 through 6.4.10 and version 6.2.0 through 6.2.10 and below allows a remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests."}, {"lang": "es", "value": "Una vulnerabilidad de suscripci\u00f3n de b\u00fafer ('desbordamiento de b\u00fafer') en la interfaz administrativa de Fortinet FortiOS versi\u00f3n 7.2.0 a 7.2.3, versi\u00f3n 7.0.0 a 7.0.6, versi\u00f3n 6.4.0 a 6.4.11 y versi\u00f3n 6.2.12 y anteriores, FortiProxy versi\u00f3n 7.2.0 a 7.2.2, versi\u00f3n 7.0.0 a 7.0.8, versi\u00f3n 2.0.12 y anteriores y FortiOS-6K7K versi\u00f3n 7.0.5, versi\u00f3n 6.4.0 a 6.4.10 y versi\u00f3n 6.2.0 a 6.2.10 y anteriores permite a un atacante remoto no autenticado ejecutar c\u00f3digo o comandos arbitrarios a trav\u00e9s de solicitudes espec\u00edficamente manipuladas."}], "lastModified": "2025-07-24T19:56:34.070", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A97E35C7-F21A-49B2-9135-D6FCB727FA14", "versionEndExcluding": "6.1.4", "versionStartIncluding": "6.1.0"}, {"criteria": "cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "42CE94E5-B32F-4253-B8AC-2CDB29CDD117", "versionEndExcluding": "6.2.8", "versionStartIncluding": "6.2.0"}, {"criteria": "cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5154C61F-FC94-4D55-853D-22ECD0AD05CC", "versionEndExcluding": "6.3.23", "versionStartIncluding": "6.3.0"}, {"criteria": "cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F2E8538B-42EF-4348-ADF2-78FF0977A1E1", "versionEndExcluding": "6.4.3", "versionStartIncluding": "6.4.0"}, {"criteria": "cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B34855D1-69A4-4971-98B9-7AAF3E27A1F5", "versionEndExcluding": "7.0.7", "versionStartIncluding": "7.0.0"}, {"criteria": "cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "62EDCC39-DD0C-40B7-BA83-6D6FF944E19D", "versionEndExcluding": "7.2.2", "versionStartIncluding": "7.2.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:fortinet:fortiswitchmanager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "90721212-587E-40B0-AF9A-3367DBC991EC", "versionEndExcluding": "7.0.2", "versionStartIncluding": "7.0.0"}, {"criteria": "cpe:2.3:a:fortinet:fortiswitchmanager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "27F1D4EB-E172-4AE4-BF5E-B13D86B68E78", "versionEndExcluding": "7.2.2", "versionStartIncluding": "7.2.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:fortinet:fortiswitch:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "59494F87-7305-4531-B7C1-E9E50CDEC44F", "versionEndExcluding": "7.0.7", "versionStartIncluding": "7.0.0"}, {"criteria": "cpe:2.3:o:fortinet:fortiswitch:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E16C1EC2-26C8-4A0A-AD05-6FBBAE64F996", "versionEndExcluding": "7.2.4", "versionStartIncluding": "7.2.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F0DE96C2-C872-4A19-B50B-5AB66F3AAD63", "versionEndExcluding": "7.0.9", "versionStartIncluding": "1.1.0"}, {"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2DE32DAA-88FE-4134-84CC-8C071F92D5F3", "versionEndExcluding": "7.2.3", "versionStartIncluding": "7.2.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:fortinet:fortios-6k7k:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2D70ED44-A7DA-4947-99EE-50AB77595E78", "versionEndExcluding": "6.2.13", "versionStartIncluding": "6.0.4"}, {"criteria": "cpe:2.3:a:fortinet:fortios-6k7k:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A611B0B5-1CB2-42EA-A100-FE587CA59A09", "versionEndExcluding": "6.4.12", "versionStartIncluding": "6.4.2"}, {"criteria": "cpe:2.3:a:fortinet:fortios-6k7k:7.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "66265BCF-0AA4-4CE2-A096-6F3432EB834E"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "445396AA-14A0-4C3A-BB6D-15F4907B9347", "versionEndExcluding": "6.2.13", "versionStartIncluding": "5.0.0"}, {"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D4AA72D9-CD66-4628-92B5-6CDFCB8E0EEE", "versionEndExcluding": "6.4.12", "versionStartIncluding": "6.4.0"}, {"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8EB54D85-8A3B-4F40-A814-3636F2AC99F3", "versionEndExcluding": "7.0.10", "versionStartIncluding": "7.0.0"}, {"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7582B2FF-8EDC-4599-96F3-CFA7BAE1FCF5", "versionEndExcluding": "7.2.4", "versionStartIncluding": "7.2.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2EA9BEAE-0403-48E2-A19D-AC27C32DD831", "versionEndExcluding": "6.0.12", "versionStartIncluding": "6.0.0"}, {"criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E5B3B630-5D4D-48AF-978F-5457AE98BBBD", "versionEndExcluding": "6.2.11", "versionStartIncluding": "6.2.0"}, {"criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "142A4113-BEF9-4112-AC7D-757A18CFF2CF", "versionEndExcluding": "6.4.12", "versionStartIncluding": "6.4.0"}, {"criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "27A597D3-77FF-4BDA-A2BC-EDFFF96DDEEB", "versionEndExcluding": "7.0.5", "versionStartIncluding": "7.0.0"}, {"criteria": "cpe:2.3:a:fortinet:fortimanager:7.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "407755AA-0C23-4C5B-88A2-8BC12A3D268D"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1C8A53DB-C3F6-4945-BE02-BED20AF19BDB", "versionEndExcluding": "6.0.12", "versionStartIncluding": "6.0.0"}, {"criteria": "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0C2DDF7D-F910-4016-8C51-4B54AAA8951C", "versionEndExcluding": "6.2.11", "versionStartIncluding": "6.2.0"}, {"criteria": "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2B7F56A0-3940-43F1-9B29-45CE29043D36", "versionEndExcluding": "6.4.12", "versionStartIncluding": "6.4.0"}, {"criteria": "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "930919B2-1DF9-4216-8245-8C0F3F137C45", "versionEndExcluding": "7.0.5", "versionStartIncluding": "7.0.0"}, {"criteria": "cpe:2.3:a:fortinet:fortianalyzer:7.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "319D2F9D-E1E5-49C7-8ABD-0A64D7B05D58"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@fortinet.com"}