How severe is CVE-2023-36640?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.7 out of 10.

What type of vulnerability is CVE-2023-36640?

This is classified as CWE-134, which is a common weakness in software security.

CVE-2023-36640 - MEDIUM Severity | CVSS 6.7

Vulnerability Description

A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.4, 7.0.0 through 7.0.10, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, FortiPAM versions 1.0.0 through 1.0.3, FortiOS versions 7.2.0, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.16 allows attacker to execute unauthorized code or commands via specially crafted commands

Related Vulnerabilities

CVE-2023-40721

MEDIUM

CVSS:6.7(Medium)

A use of externally-controlled format string vulnerability [CWE-134] in Fortinet FortiOS version 7.4.0 through 7.4.1 and before 7.2.6, FortiProxy version 7.4.0 and before 7.2.7, FortiPAM version 1.1.2...

CWE-1342023

CVE-2023-41842

MEDIUM

CVSS:6.7(Medium)

A use of externally-controlled format string vulnerability [CWE-134] in Fortinet FortiManager version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.3 and before 7.0.10, Fortinet FortiAnalyzer version...

CWE-1342023

CVE-2023-48784

MEDIUM

CVSS:6.7(Medium)

A use of externally-controlled format string vulnerability [CWE-134] in FortiOS version 7.4.1 and below, version 7.2.7 and below, 7.0 all versions, 6.4 all versions command line interface may allow a ...

CWE-1342023

CVE-2022-43619

MEDIUM

CVSS:6.8(Medium)

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerabil...

CWE-1342022

CVE-2016-1895

MEDIUM

CVSS:6.5(Medium)

NetApp Data ONTAP before 8.2.5 and 8.3.x before 8.3.2P12 allow remote authenticated users to cause a denial of service via vectors related to unsafe user input string handling.

CWE-1342016

CVE-2019-18420

MEDIUM

CVSS:6.5(Medium)

An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to cause a denial of service via a VCPUOP_initialise hypercall. hypercall_create_continuation() is a variadic function whic...

CWE-1342019