CVE-2024-26010
published 2024-06-11CVE-2024-26010: A stack-based buffer overflow in Fortinet FortiPAM version 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiWeb, FortiAuthenticator, FortiSwitchManager…
high7.5CVSS 3.1
AVNACHPRNUIRSUCHIHAH
A stack-based buffer overflow in Fortinet FortiPAM version 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiWeb, FortiAuthenticator, FortiSwitchManager version 7.2.0 through 7.2.3, 7.0.1 through 7.0.3, FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0.0 through 7.0.14, 6.4.0 through 6.4.15, 6.2.0 through 6.2.16, 6.0.0 through 6.0.18, FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.9, 7.0.0 through 7.0.15, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows attacker to execute unauthorized code or commands via specially crafted packets.
Affected
33 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fortinet | fortiauthenticator | — | — |
| fortinet | fortinet | — | — |
| fortinet | fortios | — | — |
| fortinet | fortios | >= 6.0.0 < 7.0.15 | 7.0.15 |
| fortinet | fortios | 6.0.0 – 6.0.18 | — |
| fortinet | fortios | 6.2.0 – 6.2.16 | — |
| fortinet | fortios | 6.4.0 – 6.4.15 | — |
| fortinet | fortios | 7.0.0 – 7.0.14 | — |
| fortinet | fortios | >= 7.2.0 < 7.2.8 | 7.2.8 |
| fortinet | fortios | 7.2.0 – 7.2.7 | — |
| fortinet | fortios | >= 7.4.0 < 7.4.4 | 7.4.4 |
| fortinet | fortios | 7.4.0 – 7.4.3 | — |
| fortinet | fortipam | — | — |
| fortinet | fortipam | — | — |
| fortinet | fortipam | 1.0.0 – 1.3.0 | — |
| fortinet | fortipam | 1.1.0 – 1.1.2 | — |
| fortinet | fortiproxy | — | — |
| fortinet | fortiproxy | >= 1.0.0 < 7.0.17 | 7.0.17 |
| fortinet | fortiproxy | 1.0.0 – 1.0.7 | — |
| fortinet | fortiproxy | 1.1.0 – 1.1.6 | — |
| fortinet | fortiproxy | 1.2.0 – 1.2.13 | — |
| fortinet | fortiproxy | 2.0.0 – 2.0.13 | — |
| fortinet | fortiproxy | 7.0.0 – 7.0.15 | — |
| fortinet | fortiproxy | >= 7.2.0 < 7.2.10 | 7.2.10 |
| fortinet | fortiproxy | 7.2.0 – 7.2.9 | — |