CVE-2023-33302

MEDIUM Year: 2023
CVSS v3 Score
4.7
Medium
Weakness Type
CWE-120
View all →

Vulnerability Description

A buffer copy without checking size of input ('classic buffer overflow') in Fortinet FortiMail webmail and administrative interface version 6.4.0 through 6.4.4 and before 6.2.6 and FortiNDR administrative interface version 7.2.0 and before 7.1.0 allows an authenticated attacker with regular webmail access to trigger a buffer overflow and to possibly execute unauthorized code or commands via specifically crafted HTTP requests.

Related Vulnerabilities

CVE-2021-34557

MEDIUM
CVSS:4.6(Medium)

XScreenSaver 5.45 can be bypassed if the machine has more than ten disconnectable video outputs. A buffer overflow in update_screen_layout() allows an attacker to bypass the standard screen lock authe...

CWE-1202021

CVE-2024-25373

MEDIUM
CVSS:4.6(Medium)

Tenda AC10V4.0 V16.03.10.20 was discovered to contain a stack overflow via the page parameter in the sub_49B384 function.

CWE-1202024

CVE-2024-35106

MEDIUM
CVSS:4.6(Medium)

NEXTU FLETA AX1500 WIFI6 v1.0.3 was discovered to contain a buffer overflow at /boafrm/formIpQoS. This vulnerability allows attackers to cause a Denial of Service (DoS) or potentially arbitrary code e...

CWE-1202024

CVE-2025-25453

MEDIUM
CVSS:4.6(Medium)

Tenda AC10 V4.0si_V16.03.10.20 is vulnerable to Buffer Overflow in AdvSetMacMtuWan via serviceName2.

CWE-1202025

CVE-2025-25458

MEDIUM
CVSS:4.6(Medium)

Tenda AC10 V4.0si_V16.03.10.20 is vulnerable to Buffer Overflow in AdvSetMacMtuWan via serverName2.

CWE-1202025

CVE-2020-35786

MEDIUM
CVSS:4.5(Medium)

NETGEAR R7800 devices before 1.0.2.74 are affected by a buffer overflow by an authenticated user.

CWE-1202020