Stack-based Buffer Overflow in command line interpreter Fortinet PSIRT Advisories Fortinet PSIRT Contact: Website: https://fortiguard.fortinet.com/faq/psirt-contact FG-IR-21-234 Final 1 1 2023-02-16T00:00:00 Current version 2023-02-16T00:00:00 2023-02-16T00:00:00 A stack-based buffer overflow [CWE-121] in the command line interpreter of FortiWeb may allow an authenticated user to execute unauthorized code or commands via specially crafted command arguments. None Execute unauthorized code or commands FortiWeb 6.4 all versions.FortiWeb versions 6.3.17 and earlier.FortiWeb versions 6.2.6 and earlier.FortiWeb versions 6.1.2 and earlier.FortiWeb versions 6.0.7 and earlier.FortiWeb versions 5.9.1 and earlier.FortiWeb 5.8 all versionsFortiWeb 5.7 all versionsFortiWeb 5.6 all versions Please upgrade to FortiWeb version 7.0.0 or abovePlease upgrade to FortiWeb version 6.3.18 or abovePlease upgrade to FortiWeb version 6.2.7 or abovePlease upgrade to FortiWeb version 6.1.3 or abovePlease upgrade to FortiWeb version 6.0.8 or abovePlease upgrade to FortiWeb version 5.9.2 or above Internally discovered and reported by Gwendal Guégniaud of Fortinet Product Security Team. CVE-2023-25602 7.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C https://fortiguard.fortinet.com/psirt/FG-IR-21-234 Stack-based Buffer Overflow in command line interpreter Reference>