CVE-2024-23105
HIGHDescription
A Use Of Less Trusted Source [CWE-348] vulnerability in Fortinet FortiPortal version 7.0.0 through 7.0.6 and version 7.2.0 through 7.2.1 allows an unauthenticated attack to bypass IP protection through crafted HTTP or HTTPS packets.
Is your site exposed to CVE-2024-23105?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| fortinet | fortiportal |
| fortinet | fortiportal |
| fortinet | fortiportal |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2024-23105? +
How severe is CVE-2024-23105? +
What products are affected by CVE-2024-23105? +
How do I check if I'm vulnerable to CVE-2024-23105? +
Related Vulnerabilities
Traefik is a golang, Cloud Native Application Proxy. When a HTTP request is processed by Traefik, certain HTTP headers such …
Cleanuparr is a tool for automating the cleanup of unwanted or blocked files in Sonarr, Radarr, and supported download clients …
Hermes WebUI before 0.51.307 contains an authentication bypass vulnerability that allows unauthenticated remote attackers to circumvent local-origin IP restrictions on …
Fabio is an HTTP(S) and TCP router for deploying applications managed by consul. Prior to version 1.6.6, Fabio allows clients …
Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. The official Docker image for …
Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-348: Use of Less Trusted Source may allow RCE