FortiOS

Fortinet FortiOS sslvpnd Remote Code Execution Vulnerability (CVE-2022-42475)

December 14, 2022

Overview Recently, NSFOCUS CERT detected that Fortinet officially fixed a remote code execution vulnerability (CVE-2022-42475) in FortiOS sslvpnd. Due to the flaw in sslvpnd’s validation of user input, an unauthenticated attacker can trigger a buffer overflow by sending a specially crafted packet, which can eventually execute arbitrary code on the target system. The CVSS score […]

Search

Subscribe to the NSFOCUS Blog