{"vulnerability": "CVE-2023-3793", "sightings": [{"uuid": "8531b96e-490f-4bf4-b79a-691b4a0a79f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37936", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/113827158991251737", "content": "", "creation_timestamp": "2025-01-14T14:23:29.335160Z"}, {"uuid": "ccb2b0af-eaff-4aba-8b82-f2c66b063bf1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37937", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/113827167345154948", "content": "", "creation_timestamp": "2025-01-14T14:25:36.675643Z"}, {"uuid": "5df2c578-c7c0-4881-acd4-a82c955829d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37931", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/113827176365867790", "content": "", "creation_timestamp": "2025-01-14T14:27:54.348460Z"}, {"uuid": "f1b44db8-dbb9-44d5-bfeb-392c25a35bd6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37931", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113827256713258945", "content": "", "creation_timestamp": "2025-01-14T14:48:21.280422Z"}, {"uuid": "0e3c8bd5-1d25-4c38-ae98-36f4c00d0adb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37936", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113827256756862341", "content": "", "creation_timestamp": "2025-01-14T14:48:21.836483Z"}, {"uuid": "c04b088d-a83c-428b-b7fb-e76e9e8400f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37931", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113827355879730690", "content": "", "creation_timestamp": "2025-01-14T15:13:33.861682Z"}, {"uuid": "507fcf26-02f8-43f1-a157-5f507b047750", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37936", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113827355879730690", "content": "", "creation_timestamp": "2025-01-14T15:13:34.230298Z"}, {"uuid": "b137d99b-b2b5-4dc6-82a1-63f4e9a3d80a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37936", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lfrr3uep4r2m", "content": "", "creation_timestamp": "2025-01-15T12:24:52.743782Z"}, {"uuid": "2394b1fb-5776-4d44-8e1f-e46284468b07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37936", "type": "seen", "source": "https://bsky.app/profile/hackmanac.com/post/3lfrrneevys2e", "content": "", "creation_timestamp": "2025-01-15T12:34:41.868222Z"}, {"uuid": "cb38ed23-598c-419c-a40a-9cd3a8989381", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37936", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lfrsln25522x", "content": "", "creation_timestamp": "2025-01-15T12:51:42.280702Z"}, {"uuid": "9750be0c-97e9-4c3e-84cb-6940eb3e99fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37937", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113827118952435652", "content": "", "creation_timestamp": "2025-01-14T14:13:18.189961Z"}, {"uuid": "5f2ca95e-091f-4b52-9999-b86deb9e51b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37931", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113827118923238477", "content": "", "creation_timestamp": "2025-01-14T14:13:18.634459Z"}, {"uuid": "7213697e-e500-429a-86c9-17d1a0d219f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37936", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113827118938096723", "content": "", "creation_timestamp": "2025-01-14T14:13:21.633336Z"}, {"uuid": "44edce78-5a84-4ff8-aa09-c1de1607170e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37931", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfpgtukbmf2f", "content": "", "creation_timestamp": "2025-01-14T14:16:07.407017Z"}, {"uuid": "392749f3-6b48-46c9-9524-4a5871bd670a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37936", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfpgtxe2c22t", "content": "", "creation_timestamp": "2025-01-14T14:16:10.053370Z"}, {"uuid": "d1ba29c2-9132-4639-92c5-fef3cf959ec2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37937", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfpgu2bdnc2t", "content": "", "creation_timestamp": "2025-01-14T14:16:12.957045Z"}, {"uuid": "636a2dc6-a492-46e4-a557-938d6ecbbc82", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2023-37936", "type": "seen", "source": "https://bsky.app/profile/kyosuke-tanaka.bsky.social/post/3lft4lf25522q", "content": "", "creation_timestamp": "2025-01-16T01:23:04.345864Z"}, {"uuid": "f2cd9de9-3ccd-4878-be50-ea410cc7e2d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37936", "type": "seen", "source": "https://bsky.app/profile/bolhasec.com/post/3lgetlwdris2q", "content": "", "creation_timestamp": "2025-01-23T02:30:14.634395Z"}, {"uuid": "dbb2a9ef-1e14-4b0a-89c9-a64e8f751aa7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37936", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1619", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-37936\n\ud83d\udd39 Description: A use of hard-coded cryptographic key in Fortinet FortiSwitch version 7.4.0 and 7.2.0 through 7.2.5 and 7.0.0 through 7.0.7 and 6.4.0 through 6.4.13 and 6.2.0 through 6.2.7 and 6.0.0 through 6.0.7 allows attacker to execute unauthorized code or commands via crafted requests.\n\ud83d\udccf Published: 2025-01-14T14:09:30.417Z\n\ud83d\udccf Modified: 2025-01-14T20:55:06.579Z\n\ud83d\udd17 References:\n1. https://fortiguard.com/psirt/FG-IR-23-260", "creation_timestamp": "2025-01-14T21:11:45.000000Z"}, {"uuid": "87b1ef86-7a87-4a7b-8a43-5989e4bb5010", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37933", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114144582033933632", "content": "", "creation_timestamp": "2025-03-11T15:48:20.844208Z"}, {"uuid": "5501e8bd-7e90-46da-8fe8-f0838d02831a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37930", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmcygegpo62u", "content": "", "creation_timestamp": "2025-04-08T17:22:27.037182Z"}, {"uuid": "1bd11917-9e0a-4afd-bfa4-c81f4f3843bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37937", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1618", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-37937\n\ud83d\udd39 Description: An improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSwitch version 7.4.0 and 7.2.0 through 7.2.5 and 7.0.0 through 7.0.7 and 6.4.0 through 6.4.13 and 6.2.0 through 6.2.7 and 6.0.0 through 6.0.7 allows attacker to execute unauthorized code or commands via the FortiSwitch CLI.\n\ud83d\udccf Published: 2025-01-14T14:09:30.314Z\n\ud83d\udccf Modified: 2025-01-14T20:55:14.029Z\n\ud83d\udd17 References:\n1. https://fortiguard.com/psirt/FG-IR-23-258", "creation_timestamp": "2025-01-14T21:11:43.000000Z"}, {"uuid": "c4a0bd85-ac85-4ba5-9e9a-39397a587ea7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37936", "type": "exploited", "source": "https://t.me/true_secator/6619", "content": "Fortinet \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043e\u0431 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0439 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u043e\u0439 \u043d\u0430 0-day, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0443\u044e \u043e\u0431\u043e\u0439\u0442\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e \u0432 FortiOS \u0438 FortiProxy, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0432\u0437\u043b\u0430\u043c\u044b\u0432\u0430\u0442\u044c \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u044b\u0435 \u044d\u043a\u0440\u0430\u043d\u044b Fortinet \u0438 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0435 \u0441\u0435\u0442\u0438.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2024-55591 \u0438 \u0432\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 FortiOS 7.0.0 - 7.0.16, FortiProxy 7.0.0 - 7.0.19 \u0438 FortiProxy 7.2.0 - 7.2.12.\n\n\u0423\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0441\u0443\u043f\u0435\u0440\u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430, \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u0437\u0430\u043f\u0440\u043e\u0441\u044b \u043a \u043c\u043e\u0434\u0443\u043b\u044e \u0432\u0435\u0431-\u0441\u043e\u043a\u0435\u0442\u0430 Node.js.\n\nFortinet \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u0435\u0442, \u0447\u0442\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0449\u0438\u0435 0-day \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0441\u043e\u0437\u0434\u0430\u044e\u0442 \u0441\u043b\u0443\u0447\u0430\u0439\u043d\u044b\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c \u0441\u0433\u0435\u043d\u0435\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u043e\u0432 \u0438\u043b\u0438 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u043d\u0430 \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445, \u0434\u043e\u0431\u0430\u0432\u043b\u044f\u044f \u0438\u0445 \u0432 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u0433\u0440\u0443\u043f\u043f\u044b \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 SSL VPN \u0438\u043b\u0438 \u0436\u0435 \u0432 \u043d\u043e\u0432\u044b\u0435.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0434\u043e\u0431\u0430\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u0438\u043b\u0438 \u0438\u0437\u043c\u0435\u043d\u044f\u044e\u0442\u0441\u044f \u043f\u043e\u043b\u0438\u0442\u0438\u043a\u0438 \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440\u0430 \u0438 \u0434\u0440\u0443\u0433\u0438\u0435 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438, \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u0435\u0442\u0441\u044f \u0432\u0445\u043e\u0434 \u0432 SSLVPN \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0440\u0430\u043d\u0435\u0435 \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0445 \u043c\u043e\u0448\u0435\u043d\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0437\u0430\u043f\u0438\u0441\u0435\u0439 \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u0442\u0443\u043d\u043d\u0435\u043b\u044f \u043a \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0435\u0439 \u0441\u0435\u0442\u0438.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 Fortinet \u043d\u0435 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u043b\u0430.\n\n\u0410 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Arctic Wolf \u0432\u044b\u043a\u0440\u0430\u043b\u0438 \u043e\u0442\u0447\u0435\u0442\u00a0\u00a0\u0441 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u043c\u0438 IOC, \u0441\u043e\u043e\u0431\u0449\u0430\u044f \u043e\u0431 \u0430\u043a\u0442\u0438\u0432\u043d\u044b\u0445 \u0441 \u043d\u0430\u0447\u0430\u043b\u0430 \u043d\u043e\u044f\u0431\u0440\u044f \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0430 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u044b\u0435 \u044d\u043a\u0440\u0430\u043d\u044b Fortinet FortiGate \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c\u0438 \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0438\u0437 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0430 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430\u043c\u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f.\n\n\u041d\u0430\u0431\u043b\u044e\u0434\u0430\u0435\u043c\u0430\u044f \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c \u0432\u043a\u043b\u044e\u0447\u0430\u043b\u0430 \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0432\u0445\u043e\u0434 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u043d\u0430 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430\u0445 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u044d\u043a\u0440\u0430\u043d\u043e\u0432, \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u0435 \u043d\u043e\u0432\u044b\u0445 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0437\u0430\u043f\u0438\u0441\u0435\u0439, \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e SSL VPN \u0447\u0435\u0440\u0435\u0437 \u044d\u0442\u0438 \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0437\u0430\u043f\u0438\u0441\u0438 \u0438 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0435 \u0434\u0440\u0443\u0433\u0438\u0435 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438.\n\n\u0425\u043e\u0442\u044f \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u044b\u0439 \u0432\u0435\u043a\u0442\u043e\u0440 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043e\u043a\u043e\u043d\u0447\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u043d\u0435 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d, \u0432\u0435\u0441\u044c\u043c\u0430 \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u0430 0-day.\n\n\u041e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u044f\u043c \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044e \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440\u043e\u043c \u043d\u0430 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0445 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430\u0445.\n\n\u0412 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, Fortinet \u0442\u0430\u043a\u0436\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0439 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 HTTP/HTTPS \u0438\u043b\u0438 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0442\u044c \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e IP-\u0430\u0434\u0440\u0435\u0441\u043e\u0432, \u0441 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u043f\u043e\u043b\u0443\u0447\u0435\u043d \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u043c\u0443 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0443, \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043f\u043e\u043b\u0438\u0442\u0438\u043a \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0432\u0445\u043e\u0434\u0430 \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043e\u0431\u0445\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0443\u0442\u0438.\n\nArctic Wolf \u0440\u0430\u0437\u043b\u043e\u0436\u0438\u043b\u0430 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044e, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0443\u044e \u0441 \u043c\u0430\u0441\u0441\u043e\u0432\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0435\u0439 CVE-2024-55591 \u043d\u0430 \u0447\u0435\u0442\u044b\u0440\u0435 \u044d\u0442\u0430\u043f\u0430, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435:\n- 16-23 \u043d\u043e\u044f\u0431\u0440\u044f: \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439;\n- 22-27 \u043d\u043e\u044f\u0431\u0440\u044f: \u0440\u0430\u0437\u0432\u0435\u0434\u043a\u0430;\n- 4-7 \u0434\u0435\u043a\u0430\u0431\u0440\u044f: \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f SSL VPN;\n- 16-27 \u0434\u0435\u043a\u0430\u0431\u0440\u044f: \u0433\u043e\u0440\u0438\u0437\u043e\u043d\u0442\u0430\u043b\u044c\u043d\u043e\u0435 \u043f\u0435\u0440\u0435\u043c\u0435\u0449\u0435\u043d\u0438\u0435.\n\n\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u0442\u043e\u043d\u043a\u0438\u0435 \u0440\u0430\u0437\u043b\u0438\u0447\u0438\u044f \u0432 \u043c\u0435\u0442\u043e\u0434\u0430\u0445 \u0438 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0435 \u0432\u0442\u043e\u0440\u0436\u0435\u043d\u0438\u0439, \u0432\u043f\u043e\u043b\u043d\u0435 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e, \u0447\u0442\u043e \u0432 \u044d\u0442\u043e\u0439 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 \u043c\u043e\u0433\u043b\u0438 \u0431\u044b\u0442\u044c \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043d\u044b \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0430\u043a\u0442\u043e\u0440\u043e\u0432, \u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 jsconsole \u0431\u044b\u043b\u043e \u043e\u0431\u0449\u0435\u0439 \u0447\u0435\u0440\u0442\u043e\u0439 \u0434\u043b\u044f \u0432\u0441\u0435\u0445.\n\nArctic Wolf \u0443\u0432\u0435\u0434\u043e\u043c\u0438\u043b\u0430 Fortinet \u043e\u0431 \u0430\u0442\u0430\u043a\u0430\u0445 12 \u0434\u0435\u043a\u0430\u0431\u0440\u044f 2024 \u0433\u043e\u0434\u0430 \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0438\u0435 \u043e\u0442 FortiGuard Labs PSIRT 17 \u0434\u0435\u043a\u0430\u0431\u0440\u044f 2024 \u0433\u043e\u0434\u0430.\n\n\u041d\u0430 \u0442\u043e\u0442 \u043c\u043e\u043c\u0435\u043d\u0442 \u044d\u0442\u0430 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c \u0431\u044b\u043b\u0430 \u0443\u0436\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430 \u0438 \u0432\u043e\u0432\u0441\u044e \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043b\u0430\u0441\u044c.\n\n\u041f\u043e\u043c\u0438\u043c\u043e \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f Fortinet \u0442\u0430\u043a\u0436\u0435 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0436\u0435\u0441\u0442\u043a\u043e \u0437\u0430\u043a\u043e\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u043a\u0440\u0438\u043f\u0442\u043e\u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u043a\u043b\u044e\u0447\u0430 (CVE-2023-37936).\n\n\u041e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0441 \u043a\u043b\u044e\u0447\u043e\u043c \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u043a\u043e\u0434 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0445 \u043a\u0440\u0438\u043f\u0442\u043e\u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432.", "creation_timestamp": "2025-01-14T18:41:58.000000Z"}, {"uuid": "42210f28-51e6-4cd6-aa63-1f0581fe303a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3793", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3mklibcr36m2c", "content": "", "creation_timestamp": "2026-04-28T21:03:04.108641Z"}, {"uuid": "4cd77137-65a3-4047-8a47-4c452f0b5816", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37930", "type": "seen", "source": "https://t.me/cvedetector/22471", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-37930 - Fortinet FortiOS and FortiProxy Uninitialized Resource and Excessive Iteration Remote Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2023-37930 \nPublished : April 8, 2025, 2:15 p.m. | 1\u00a0hour, 12\u00a0minutes ago \nDescription : Multiple issues including the use of uninitialized ressources [CWE-908] and excessive iteration [CWE-834] vulnerabilities in Fortinet FortiOS SSL VPN webmode version 7.4.0, version 7.2.0 through 7.2.5, version 7.0.1 through 7.0.11 and version 6.4.7 through 6.4.14 and Fortinet FortiProxy SSL VPN webmode version 7.2.0 through 7.2.6 and version 7.0.0 through 7.0.12 allows a VPN user to corrupt memory potentially leading to code or commands execution via specifically crafted requests. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-08T18:11:08.000000Z"}, {"uuid": "bfa8f9d0-f802-4bc4-8c98-c08a5e1b976e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37935", "type": "seen", "source": "https://t.me/cibsecurity/71961", "content": "\u203c CVE-2023-37935 \u203c\n\nA use of GET request method with sensitive query strings vulnerability in Fortinet FortiOS 7.0.0 - 7.0.12, 7.2.0 - 7.2.5 and 7.4.0 allows an attacker to view plaintext passwords of remote services such as RDP or VNC, if the attacker is able to read the GET requests to those services.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-10T20:16:41.000000Z"}, {"uuid": "5983056d-0e09-417e-84de-94bfd36a811e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37933", "type": "seen", "source": "https://t.me/true_secator/6837", "content": "Fortinet \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u043e\u0431 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0438 18 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432\u043b\u0438\u044f\u044e\u0449\u0438\u0445 \u043d\u0430 FortiOS, FortiProxy, FortiPAM, FortiSRA, FortiAnalyzer, FortiManager, FortiAnalyzer-BigData, FortiSandbox, FortiNDR, FortiWeb, FortiSIEM \u0438 FortiADC.\n\n\u041a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0441\u044f CVE-2023-48790 - \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c XSS \u0432 FortiNDR, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0438\u043b\u0438 \u043a\u043e\u043c\u0430\u043d\u0434.\n\n\u0412 FortiOS, FortiProxy, FortiPAM, FortiSRA \u0438 FortiWeb \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 CVE-2024-45325, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434 \u0438\u043b\u0438 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0445 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432.\n\n\u0422\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u043e\u0448\u0438\u0431\u043a\u0438, \u043f\u043e-\u0432\u0438\u0434\u0438\u043c\u043e\u043c\u0443, \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b.\n\n\u0414\u0440\u0443\u0433\u0430\u044f CVE-2023-40723 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u0432\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 FortiSIEM \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0441\u0447\u0438\u0442\u044b\u0432\u0430\u0442\u044c \u043f\u0430\u0440\u043e\u043b\u044c \u0431\u0430\u0437\u044b \u0434\u0430\u043d\u043d\u044b\u0445 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0445 API-\u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432.\u00a0\n\n\u0412 FortiSandbox Fortinet\u00a0\u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2024-45328 (\u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439), CVE-2024-52961 (\u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435 \u043a\u043e\u043c\u0430\u043d\u0434) \u0438 CVE-2024-54027 (\u0447\u0442\u0435\u043d\u0438\u0435 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445), \u0432\u0441\u0435 \u043e\u043d\u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u043e\u0446\u0435\u043d\u043a\u0443 \u0432\u044b\u0441\u043e\u043a\u0438\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438.\n\n\u0412 FortiIsolator \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 CVE-2024-55590, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0442\u043e\u043b\u044c\u043a\u043e \u043d\u0430 \u0447\u0442\u0435\u043d\u0438\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434, \u0430 \u0432 FortiADC \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2023-37933, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0434\u043e\u043f\u0443\u0441\u043a\u0430\u0435\u0442 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 XSS-\u0430\u0442\u0430\u043a\u0438.\u00a0\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0435 Fortinet \u0432 \u0441\u0432\u043e\u0438\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445, \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430, \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434, \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 \u0444\u0430\u0439\u043b\u043e\u0432 \u0438 \u043e\u0431\u0445\u043e\u0434\u0430 \u0437\u0430\u0449\u0438\u0442\u044b \u0432\u0435\u0431-\u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440\u043e\u0432.\n\n\u0422\u0430\u043a\u0436\u0435 \u0431\u044b\u043b\u0430 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043d\u0438\u0437\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438, \u0434\u043e\u043f\u0443\u0441\u043a\u0430\u044e\u0449\u0430\u044f \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438.\n\nFortinet \u0437\u0430\u044f\u0432\u0438\u043b\u0430, \u0447\u0442\u043e \u043c\u043d\u043e\u0433\u0438\u0435 \u0438\u0437 \u044d\u0442\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0431\u044b\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b \u0432\u043d\u0443\u0442\u0440\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, \u043d\u0435 \u0443\u043f\u043e\u043c\u0438\u043d\u0430\u044f \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u043e \u0444\u0430\u043a\u0442\u0430\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043a\u0430\u043a\u043e\u0439-\u043b\u0438\u0431\u043e \u0438\u0437 \u043d\u0438\u0445.\n\n\u041d\u043e, \u043a\u0430\u043a \u043f\u043e\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u043f\u0440\u0430\u043a\u0442\u0438\u043a\u0430, \u044d\u0442\u043e \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u043e\u043a\u0430.", "creation_timestamp": "2025-03-13T16:20:05.000000Z"}, {"uuid": "81339bb7-47eb-4b72-bac9-0a282cce8b8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37930", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10924", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-37930\n\ud83d\udd25 CVSS Score: 6.7 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C)\n\ud83d\udd39 Description: Multiple issues including the use of uninitialized ressources [CWE-908] and excessive iteration [CWE-834] vulnerabilities in Fortinet FortiOS SSL VPN webmode version 7.4.0, version 7.2.0 through 7.2.5, version 7.0.1 through 7.0.11 and version 6.4.7 through 6.4.14 and Fortinet FortiProxy SSL VPN webmode version 7.2.0 through 7.2.6 and version 7.0.0 through 7.0.12 allows a VPN user to corrupt memory potentially leading to code or commands execution via specifically crafted requests.\n\ud83d\udccf Published: 2025-04-08T14:03:38.016Z\n\ud83d\udccf Modified: 2025-04-08T14:27:09.944Z\n\ud83d\udd17 References:\n1. https://fortiguard.com/psirt/FG-IR-23-165", "creation_timestamp": "2025-04-08T14:47:17.000000Z"}, {"uuid": "c882c0b6-f859-4b09-9985-ec38952f873d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3793", "type": "seen", "source": "https://t.me/cibsecurity/67061", "content": "\u203c CVE-2023-3793 \u203c\n\nA vulnerability was found in Weaver e-cology. It has been rated as critical. This issue affects some unknown processing of the file filelFileDownloadForOutDoc.class of the component HTTP POST Request Handler. The manipulation of the argument fileid with the input 1+WAITFOR+DELAY leads to sql injection. Upgrading to version 10.58.0 is able to address this issue. It is recommended to upgrade the affected component. The identifier VDB-235061 was assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-21T00:33:06.000000Z"}, {"uuid": "99744829-9722-4eb3-b885-0f2496239e93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37932", "type": "seen", "source": "https://t.me/ctinow/174997", "content": "https://ift.tt/1XDPf6Q\nCVE-2023-37932 | Fortinet FortiVoice up to 6.0.12/6.4.7/7.0.0 HTTP Request path traversal (FG-IR-23-219)", "creation_timestamp": "2024-01-28T18:32:02.000000Z"}, {"uuid": "cc216577-35aa-4d79-abeb-fa03e5f398d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37939", "type": "seen", "source": "https://t.me/cibsecurity/71963", "content": "\u203c CVE-2023-37939 \u203c\n\nAn exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in\u00c2\u00a0FortiClient for Windows 7.2.0, 7.0 all versions, 6.4 all versions, 6.2 all versions, Linux 7.2.0, 7.0 all versions, 6.4 all versions, 6.2 all versions and Mac 7.2.0 through 7.2.1, 7.0 all versions, 6.4 all versions, 6.2 all versions, may allow a local authenticated attacker with no Administrative privileges to retrieve the list of\u00c2\u00a0files or folders excluded from malware scanning.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-10T20:16:44.000000Z"}, {"uuid": "b6c53c40-9968-4a0e-99f2-e228692153df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37932", "type": "seen", "source": "https://t.me/ctinow/166072", "content": "https://ift.tt/7Fl68zQ\nCVE-2023-37932", "creation_timestamp": "2024-01-10T19:26:09.000000Z"}, {"uuid": "67901bce-2032-49f0-980f-6a2a6ed693a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37934", "type": "seen", "source": "https://t.me/ctinow/166085", "content": "https://ift.tt/RcC8Ljf\nCVE-2023-37934 | Fortinet FortiPAM up to 1.0.3 HTTP Request allocation of resources (FG-IR-23-226)", "creation_timestamp": "2024-01-10T19:46:35.000000Z"}, {"uuid": "a1249081-9aed-42c4-8c4e-d70ee1a57d3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37934", "type": "seen", "source": "https://t.me/ctinow/166073", "content": "https://ift.tt/f6yXGcF\nCVE-2023-37934", "creation_timestamp": "2024-01-10T19:26:11.000000Z"}]}