Fortinet fixes critical vulnerabilities in FortiOS and FortiProxy



Fortinet has disclosed a critical vulnerability in the captive portal of its FortiOS and FortiProxy products that could allow an attacker to execute arbitrary code or commands by sending specially crafted HTTP requests.

Fortinet classifies the flaw as an out-of-bounds write [CWE-787] and a stack-based buffer overflow [CWE-121]; it affects multiple release branches of both FortiOS and FortiProxy.


An attacker with access to the captive portal can trigger the overflow with specially crafted HTTP requests, leading to unauthorized code or command execution on the device. Note that a captive portal is, by design, reachable by clients before they have authenticated, so the precondition is network reachability of the portal, not valid credentials.

The severity comes from what a successful exploit yields: control of the firewall or proxy itself. From there an attacker can read data held on the device, compromise it outright, and use it as a foothold to move further into the network behind it. Organizations running affected FortiOS or FortiProxy versions should assume these devices are attractive targets and compare deployed versions against the list below.

Fortinet lists the following versions as affected:

  • FortiOS versions 7.4.0 to 7.4.1
  • FortiOS versions 7.2.0 to 7.2.5
  • FortiOS versions 7.0.0 to 7.0.12
  • FortiOS versions 6.4.0 to 6.4.14
  • FortiOS versions 6.2.0 to 6.2.15
  • FortiProxy version 7.4.0
  • FortiProxy versions 7.2.0 to 7.2.6
  • FortiProxy versions 7.0.0 to 7.0.12
  • FortiProxy versions 2.0.0 to 2.0.13
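The practical first step with an advisory like this is to check an inventory of devices against the affected ranges. The script below is an added example, not Fortinet's tooling or code from the original article: the range table is transcribed from the list above, the version parser accepts the `v7.2.5,build…` form that FortiOS reports as well as a bare `7.2.5`, and the inventory rows (hostnames, versions, build numbers) are constructed for illustration. Because the article does not name the fixed releases, the script reports a version outside every range as "not listed" rather than "fixed".

```python
"""Check FortiOS / FortiProxy version strings against the affected ranges
listed in the article above.  Added example, not Fortinet's tooling; the
range table is transcribed from the advisory text on this page and the
sample inventory is constructed for illustration."""

import re

# Inclusive affected ranges (first affected, last affected), transcribed
# from the version list above.
AFFECTED = {
    "FortiOS": [
        ((7, 4, 0), (7, 4, 1)),
        ((7, 2, 0), (7, 2, 5)),
        ((7, 0, 0), (7, 0, 12)),
        ((6, 4, 0), (6, 4, 14)),
        ((6, 2, 0), (6, 2, 15)),
    ],
    "FortiProxy": [
        ((7, 4, 0), (7, 4, 0)),
        ((7, 2, 0), (7, 2, 6)),
        ((7, 0, 0), (7, 0, 12)),
        ((2, 0, 0), (2, 0, 13)),
    ],
}

_VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)")


def parse_version(text):
    """Turn 'v7.2.5', '7.2.5' or 'v7.2.5,build0001' into a (major, minor, patch)
    tuple.  Raises ValueError on anything that does not start with three dotted
    integers, so a malformed inventory row fails loudly instead of silently
    passing as 'not listed'."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(x) for x in m.groups())


def is_affected(product, version):
    """True if version falls inside one of the inclusive ranges for product.
    A version outside every range is 'not listed'; the article does not name
    the fixed releases, so 'not listed' must not be read as 'confirmed fixed'."""
    ranges = AFFECTED.get(product)
    if ranges is None:
        raise KeyError(f"no affected-version data for {product!r}")
    v = parse_version(version)
    # Tuple comparison is lexicographic, so (7, 2, 5) <= (7, 2, 12) works
    # correctly where a naive string comparison would not.
    return any(lo <= v <= hi for lo, hi in ranges)


def triage(inventory):
    """Split (hostname, product, version) rows into affected and not-listed
    lists, returned in input order so the caller can act on them."""
    affected, not_listed = [], []
    for host, product, version in inventory:
        bucket = affected if is_affected(product, version) else not_listed
        bucket.append((host, product, version))
    return affected, not_listed


# Constructed sample inventory: hostnames, versions and build tags are made up.
SAMPLE_INVENTORY = [
    ("fw-edge-01", "FortiOS", "v7.2.5,build0001"),
    ("fw-edge-02", "FortiOS", "7.2.6"),
    ("fw-branch-03", "FortiOS", "6.4.14"),
    ("proxy-01", "FortiProxy", "7.4.0"),
    ("proxy-02", "FortiProxy", "7.4.1"),
    ("proxy-03", "FortiProxy", "2.0.13"),
]

if __name__ == "__main__":
    hit, miss = triage(SAMPLE_INVENTORY)
    for host, product, version in hit:
        print(f"AFFECTED    {host:14} {product:11} {version}")
    for host, product, version in miss:
        print(f"not listed  {host:14} {product:11} {version}")
```

Note that the same patch-level number can be on different sides of the line for the two products: FortiOS 7.2.6 is outside the listed ranges, while FortiProxy 7.2.6 is inside them, so the check must always be keyed on the product as well as the version.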
