CVE-2023-42784 – Fortinet FortiWeb HTTP/HTTPS Command Injection

March 11, 2025
5:16 pm

CVE ID : CVE-2023-42784

Published : March 11, 2025, 3:15 p.m. | 1 hour, 27 minutes ago

Description : An improper handling of syntactically invalid structure in Fortinet FortiWeb at least verions 7.4.0 through 7.4.6 and 7.2.0 through 7.2.10 and 7.0.0 through 7.0.10 allows attacker to execute unauthorized code or commands via HTTP/S crafted requests.

Severity: 5.6 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2023-42784 – Fortinet FortiWeb HTTP/HTTPS Command Injection

Elvescore.io

Recent Posts

CVE-2025-27591 – Below Privilege Escalation Vulnerability

CVE-2025-27773 – SimpleSAMLphp SAML2 Signature Confusion Attack

CVE-2025-24453 – Adobe InDesign Heap-based Buffer Overflow Vulnerability

CVE-2025-25748 – HotelDruid CSRF Vulnerability

CVE-2025-25749 – HotelDruid Weak Password Enforcement

CVE-2025-26701 – Percona PMM Server Default Credential Vulnerability

CVE-2023-42784 – Fortinet FortiWeb HTTP/HTTPS Command Injection

CVE-2023-42784 – Fortinet FortiWeb HTTP/HTTPS Command Injection