How severe is CVE-2023-45583?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.2 out of 10.

What type of vulnerability is CVE-2023-45583?

This is classified as CWE-134, which is a common weakness in software security.

CVE-2023-45583 - HIGH Severity | CVSS 7.2

Vulnerability Description

A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.5, 7.0.0 through 7.0.11, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6 FortiPAM versions 1.1.0, 1.0.0 through 1.0.3 FortiOS versions 7.4.0, 7.2.0 through 7.2.5, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15 FortiSwitchManager versions 7.2.0 through 7.2.2, 7.0.0 through 7.0.2 allows attacker to execute unauthorized code or commands via specially crafted cli commands and http requests.

Related Vulnerabilities

CVE-2018-12590

HIGH

CVSS:7.2(High)

Ubiquiti Networks EdgeSwitch version 1.7.3 and prior suffer from an externally controlled format-string vulnerability due to lack of protection on the admin CLI, leading to code execution and privileg...

CWE-1342018

CVE-2023-35086

HIGH

CVSS:7.2(High)

It is identified a format string vulnerability in ASUS RT-AX56U V2 & RT-AC86U. This vulnerability is caused by directly using input as a format string when calling syslog in logmessage_normal function...

CWE-1342023

CVE-2023-39238

HIGH

CVSS:7.2(High)

It is identified a format string vulnerability in ASUS RT-AX56U V2. This vulnerability is caused by lacking validation for a specific value within its set_iperf3_svr.cgi module. A remote attacker with...

CWE-1342023

CVE-2023-39239

HIGH

CVSS:7.2(High)

It is identified a format string vulnerability in ASUS RT-AX56U V2’s General function API. This vulnerability is caused by lacking validation for a specific value within its apply.cgi module. A remote...

CWE-1342023

CVE-2023-39240

HIGH

CVSS:7.2(High)

It is identified a format string vulnerability in ASUS RT-AX56U V2’s iperf client function API. This vulnerability is caused by lacking validation for a specific value within its set_iperf3_cli.cgi mo...

CWE-1342023

CVE-2024-12805

HIGH

CVSS:7.2(High)

A post-authentication format string vulnerability in SonicOS management allows a remote attacker to crash a firewall and potentially leads to code execution.

CWE-1342024