CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-33300

A improper neutralization of special elements used in a command ('command injection') in Fortinet FortiNAC 7.2.1 and earlier, 9.4.3 and earlier allows attacker a limited, unauthorized file access via specifically crafted request in inter-server communication port.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.07

EPSS Ranking 91.1%

CVSS Severity

CVSS v3 Score 5.3

References

https://fortiguard.com/psirt/FG-IR-23-096

Products affected by CVE-2023-33300

Fortinet » Fortinac » Version: Any

cpe:2.3:a:fortinet:fortinac:*
Fortinet » Fortinac » Version: 7.2.0

cpe:2.3:a:fortinet:fortinac:7.2.0
Fortinet » Fortinac » Version: 7.2.1

cpe:2.3:a:fortinet:fortinac:7.2.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-33300

Products

Pricing

Contact Us