Private Modification of an Exploit for the CVE-2023-27997 (FortiOS) Vulnerability

Threat actor FromHell advertised a private modification of an exploit for the CVE-2023-27997 (FortiOS) vulnerability in

CVE-2023-27997 is an unspecified vulnerability exists in the SSL/VPN component in Fortinet FortiOS 7.2.4 and earlier that, when exploited, allows an unauthenticated, remote attacker to execute arbitrary code. Several PoCs for the vulnerability are already published.

The vulnerability has 8.1 score in CVSS 3.1 and high risk. Also this vulnerability is exploited in the wild.

Some other exploits for this vulnerability;

Leave a Reply