CVE-2023-45583 in FortiProxy
Summary
by MITRE • 05/14/2024
A use of externally-controlled format string vulnerability in Fortinet FortiOS 7.4.0, FortiOS 7.2.0 through 7.2.5, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0.0 through 6.0.16, FortiPAM 1.1.0, FortiPAM 1.0 all versions, FortiProxy 7.2.0 through 7.2.5, FortiProxy 7.0.0 through 7.0.11, FortiProxy 2.0 all versions, FortiProxy 1.2 all versions, FortiProxy 1.1 all versions, FortiProxy 1.0 all versions, FortiSwitchManager 7.2.0 through 7.2.2, FortiSwitchManager 7.0.0 through 7.0.2 allows attacker to execute unauthorized code or commands via specially crafted cli commands and http requests.
Once again VulDB remains the best source for vulnerability data.
Analysis
by VulDB Data Team • 06/12/2026
This vulnerability represents a critical format string attack surface that affects multiple Fortinet security products including FortiProxy, FortiPAM, FortiOS, and FortiSwitchManager across several version ranges. The flaw stems from improper validation of user-supplied input within the command line interface and http request processing components, creating an environment where externally controlled format specifiers can be injected into printf-style functions. When these functions process the malicious input without proper sanitization, they interpret the format specifiers as instructions for memory access and manipulation rather than literal text, enabling attackers to execute arbitrary code or commands with elevated privileges. The vulnerability specifically impacts versions 7.2.0 through 7.2.5, 7.0.0 through 7.0.11, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6 for FortiProxy and FortiPAM, along with various FortiOS versions including 7.4.0, 7.2.0 through 7.2.5, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, and 6.2.0 through 6.2.15, and FortiSwitchManager versions 7.2.0 through 7.2.2 and 7.0.0 through 7.0.2. This type of vulnerability maps directly to CWE-134 which describes the use of externally-controlled format strings, and aligns with ATT&CK technique T1059.001 for command and scripting interpreter and T1078.004 for valid accounts. The operational impact is severe as attackers can leverage this vulnerability to gain unauthorized access to network infrastructure, potentially leading to complete system compromise and lateral movement within affected networks. Attackers can craft specially crafted cli commands and http requests that exploit the format string vulnerability to execute arbitrary code, bypass authentication mechanisms, or perform privilege escalation attacks. The vulnerability's presence in both command line interfaces and http request handlers creates multiple attack vectors, making it particularly dangerous as attackers can approach the target through different entry points. Organizations running affected Fortinet products face significant risk of unauthorized code execution and system compromise, potentially leading to data breaches, service disruption, and regulatory compliance violations. The vulnerability's exploitation requires minimal privileges and can be automated, making it particularly attractive to threat actors seeking to compromise network security infrastructure. Mitigation strategies include immediate deployment of Fortinet's security patches and updates for all affected versions, implementation of network segmentation to limit access to vulnerable systems, and monitoring for suspicious cli commands or http requests that may indicate exploitation attempts. Additionally, organizations should conduct comprehensive vulnerability assessments to identify all instances of affected software and ensure proper input validation is implemented across all network management interfaces. The vulnerability highlights the critical importance of proper input validation and the dangers of allowing user-controlled data to influence program execution flow in security-critical applications.