Vulnerability Database

289,871

Total vulnerabilities in the database

CVE-2023-48784

A use of externally-controlled format string vulnerability [CWE-134] in FortiOS version 7.4.1 and below, version 7.2.7 and below, 7.0 all versions, 6.4 all versions command line interface may allow a local privileged attacker with super-admin profile and CLI access to execute arbitrary code or commands via specially crafted requests.

  • Published: Apr 9, 2024
  • Updated: May 4, 2025
  • CVE: CVE-2023-48784
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 6.7
  • AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWEs:

Software From Fixed in
fortinet / fortios 7.4.0 7.4.2
fortinet / fortios 7.2.0 7.2.8
fortinet / fortios 6.4.0 7.0.16