Dec. 12, 2023, 8 a.m. |

FortiGuard Labs | FortiGuard Center - IR Advisories fortiguard.fortinet.com

A format string vulnerability [CWE-134] in the HTTPSd daemon of FortiOS, FortiProxy and FortiPAM may allow an authenticated user to execute unauthorized code or commands via specially crafted API requests.

api bug code cwe daemon format string fortios fortiproxy may requests vulnerability

Cyber Security Engineer

@ ASSYSTEM | Bridgwater, United Kingdom

Security Analyst

@ Northwestern Memorial Healthcare | Chicago, IL, United States

GRC Analyst

@ Richemont | Shelton, CT, US

Security Specialist

@ Peraton | Government Site, MD, United States

Information Assurance Security Specialist (IASS)

@ OBXtek Inc. | United States

Cyber Security Technology Analyst

@ Airbus | Bengaluru (Airbus)