← ExploitWatch
HomeExploited Vulnerabilities

CVE-2024-23113 — Actively Exploited: Multiple Products (Fortinet)

Fortinet FortiOS, FortiPAM, FortiProxy, and FortiWeb contain a format string vulnerability that allows a remote, unauthenticated attacker to execute arbitrary code or commands via specially crafted requests.

CVE IDCVE-2024-23113
VendorFortinet
ProductMultiple Products
Vulnerability nameFortinet Multiple Products Format String Vulnerability
Date added2024-10-09
Remediation due2024-10-30
Known ransomware useUnknown
Required actionApply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
DescriptionFortinet FortiOS, FortiPAM, FortiProxy, and FortiWeb contain a format string vulnerability that allows a remote, unauthenticated attacker to execute arbitrary code or commands via specially crafted requests.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →