#VU77671 Command Injection in FortiNAC and FortiNAC-F - CVE-2023-33300

Cybersecurity Help s.r.o.

Published: 2023-06-23

Vulnerability identifier: #VU77671

Vulnerability risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-33300

CWE-ID: CWE-77

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
FortiNAC
Server applications / IDS/IPS systems, Firewalls and proxy servers
FortiNAC-F
Server applications / IDS/IPS systems, Firewalls and proxy servers

Vendor: Fortinet, Inc

Description

The vulnerability allows a remote attacker to manipulate files on the device.

The vulnerability exist due to improper input validation when processing requests sent to the XML interface on port 5555/TCP. A remote non-authenticated attacker can send a specially crafted request to the system and copy local files of the device to other local directories of the device.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

FortiNAC: 9.4.0 - 9.4.2

FortiNAC-F: 7.2.0 - 7.2.1

External links
https://fortiguard.fortinet.com/psirt/FG-IR-23-096

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in FortiNAC