A heap-based buffer overflow vulnerability [CWE-122] in FortiOS SSL-VPN 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0 through 6.4.10, 6.2.0 through 6.2.11, 6.0.15 and earlier and FortiProxy SSL-VPN 7.2.0 through 7.2.1, 7.0.7 and earlier may allow a remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests.
Attack Vector (AV) | Network | Adjacent | Local | Physical |
---|---|---|---|---|
Attack Complexity (AC) | LOW | High | ||
Privileges Required (PR) | None | Low | High | |
User Interaction (UI) | None | Required | ||
Scope (S) | Unchange | Change | ||
Confidentiality (C) | None | Low | High | |
Integrity (I) | None | Low | High | |
Availability (A) | None | Low | High |
CVE Infomation | Exploits or more Infomation |
---|---|
mitre | EXPLOIT DATABASE |
NVD | 0day.today |
vulmon.com | github |
CVE Details | |
JVN ENG JPN | |
Reconshell |
Software Tag: Apple(1 tweets) Linux(4 tweets) VPN(128 tweets) Windows(3 tweets) iOS(146 tweets)
List of frequently cited URLs
List of frequently cited URLs
Name | URL |
---|---|
bryanster/ioc-cve-2022-42475 | https://github.com/bryanster/ioc-cve-2022-42475 |
Live-Hack-CVE/CVE-2022-42475 | https://github.com/Live-Hack-CVE/CVE-2022-42475 |
Name | URL |
---|---|
bryanster/ioc-cve-2022-42475 | github.com |
Live-Hack-CVE/CVE-2022-42475 | github.com |