VDB
CVE-2023-42791
CVE-2023-42791
PUBLISHED
CVSS 8.600000381469727 HIGH
A relative path traversal in Fortinet FortiManager version 7.4.0 and 7.2.0 through 7.2.3 and 7.0.0 through 7.0.8 and 6.4.0 through 6.4.12 and 6.2.0 through 6.2.11 allows attacker to execute unauthorized code or commands via crafted HTTP requests.
EPSS 11.28% · 93.7th percentile
Risk Scores
CVSS 3.1
8.600000381469727
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:X/RC:X
EPSS Score
11.28%
93.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| fortinet | fortimanager | 7.2.0, 7.0.0, 7.4.0 |
| fortinet | fortimanager | 6.2.0, 6.4.0, 7.0.0 |
| fortinet | fortianalyzer | 7.0.0, 6.2.0, 7.4.0 |
| Fortinet | FortiAnalyzer | 7.2.0, 7.0.0, 6.4.0 |
| Fortinet | FortiManager | 7.4.0, 7.2.0, 7.0.0 |
Exploit Intelligence
- Exploitations scripts for CVE-2023-42791 and CVE-2024-23666. (github-poc-repo)
- Exploitations scripts for CVE-2023-42791 and CVE-2024-23666. (github-poc-repo)
- Exploitations scripts for CVE-2023-42791 and CVE-2024-23666. (github-poc-repo)
- Exploitations scripts for CVE-2023-42791 and CVE-2024-23666. (github-poc-repo)
- Exploitations scripts for CVE-2023-42791 and CVE-2024-23666. (github-poc-repo)
- Exploitations scripts for CVE-2023-42791 and CVE-2024-23666. (github-poc)
- Exploitations scripts for CVE-2023-42791 and CVE-2024-23666. (github-poc)
- Exploitations scripts for CVE-2023-42791 and CVE-2024-23666. (github-poc)
- Exploitations scripts for CVE-2023-42791 and CVE-2024-23666. (github-poc)
- CIRCL seen: CVE-2023-42791 (circl-sighting)
…and 3 more exploits
Timeline
- Feb 20, 2024 CVE Published
- Feb 21, 2024 EPSS Score
- Mar 19, 2024 EPSS Score
- May 12, 2024 EPSS Score
- Jun 7, 2024 EPSS Score
- Jul 31, 2024 EPSS Score
- Aug 2, 2024 CVE Updated
- Aug 27, 2024 EPSS Score
- Sep 23, 2024 EPSS Score
- Nov 16, 2024 EPSS Score
- Dec 13, 2024 EPSS Score
- Feb 5, 2025 EPSS Score