CVE-2023-27997 · CISA KEV: Actively Exploited

Fortinet FortiOS and FortiProxy SSL-VPN Heap-Based Buffer Overflow Vulnerability

Published Jun 13, 2023 · Updated Jun 13, 2023

Description

Fortinet FortiOS and FortiProxy SSL-VPN contain a heap-based buffer overflow vulnerability which can allow an unauthenticated, remote attacker to execute code or commands via specifically crafted requests.

Public Exploits & PoCs (12 found)

PoC: xortigate-cve-2023-27997

xortigate-cve-2023-27997

PoC: fgt-cve-2023-27997-exploit

FortiGate SSL-VPN CVE-2023-27997 Exploit PoC Script with ROP Chain

PoC: CVE-2023-27997-POC

Fortigate SSL VPN buffer overflow exploit

PoC: CVE-2023-27997-tutorial

A short tutorial about how to find and verify FortiOS vulnerability.

PoC: FortiGate-CVE-2023-27997

FortiGate exploit CVE-2023-27997

PoC: ShodanFortiOS

Search vulnerable FortiOS devices via Shodan (CVE-2023-27997)

PoC: CVE-2023-27997-test-nleyl

test

PoC: CVE-2023-27997-test

test

PoC: CVE-2023-27997-check

Safely detect whether a FortiGate SSL VPN instance is vulnerable to CVE-2023-27997 based on response timing

PoC: CVE-2023-27997-POC

POC FortiOS SSL-VPN buffer overflow vulnerability

PoC: cve-2023-27997

cve-2023-27997

PoC: CVE-2023-27997-POC-FortiOS-SSL-VPN-buffer-overflow-vulnerability-ssijz

POC FortiOS SSL-VPN buffer overflow vulnerability
