No analysis available yet.
Vendor Solution
Upgrade to FortiWebManager version 7.4.0 or above Upgrade to FortiWebManager version 7.2.1 or above Upgrade to FortiWebManager version 7.0.5 or above Upgrade to FortiWebManager version 6.3.1 or above Upgrade to FortiWebManager version 6.2.5 or above
Tracking
Sign in to view the affected projects.
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2024-21141 | An improper authorization in Fortinet FortiWebManager version 7.2.0 and 7.0.0 through 7.0.4 and 6.3.0 and 6.2.3 through 6.2.4 and 6.0.2 allows attacker to execute unauthorized code or commands via HTTP requests or CLI. |
| Link | Providers |
|---|---|
| https://fortiguard.fortinet.com/psirt/FG-IR-23-222 |
|
Wed, 08 Jul 2026 14:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Fortinet fortiweb Manager
|
|
| CPEs | cpe:2.3:a:fortinet:fortiweb_manager:6.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb_manager:6.2.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb_manager:6.3.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb_manager:7.0.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb_manager:7.2.0:*:*:*:*:*:*:* |
|
| Vendors & Products |
Fortinet fortiweb Manager
|
|
| Metrics |
ssvc
|
Wed, 08 Jul 2026 13:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | An improper authorization in Fortinet FortiWebManager version 7.2.0 and 7.0.0 through 7.0.4 and 6.3.0 and 6.2.3 through 6.2.4 and 6.0.2 allows attacker to execute unauthorized code or commands via HTTP requests or CLI. | An improper authorization in Fortinet FortiWebManager 7.2.0, FortiWebManager 7.0.0 through 7.0.4, FortiWebManager 6.3.0, FortiWebManager 6.2.3 through 6.2.4, FortiWebManager 6.0.2 allows attacker to execute unauthorized code or commands via HTTP requests or CLI. |
| CPEs | cpe:2.3:a:fortinet:fortiwebmanager:6.2.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiwebmanager:6.2.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiwebmanager:7.0.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiwebmanager:7.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiwebmanager:7.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiwebmanager:7.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiwebmanager:7.0.4:*:*:*:*:*:*:* |
|
| Metrics |
cvssV3_1
|
cvssV3_1
|
Sat, 12 Jul 2025 13:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
epss
|
epss
|
Tue, 17 Dec 2024 17:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Fortinet
Fortinet fortiwebmanager |
|
| Weaknesses | NVD-CWE-noinfo | |
| CPEs | cpe:2.3:a:fortinet:fortiwebmanager:*:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiwebmanager:6.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiwebmanager:6.3.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiwebmanager:7.2.0:*:*:*:*:*:*:* |
|
| Vendors & Products |
Fortinet
Fortinet fortiwebmanager |
Status: PUBLISHED
Assigner: fortinet
Published:
Updated: 2026-07-08T13:03:45.984Z
Reserved: 2024-01-19T08:23:28.613Z
Link: CVE-2024-23668
Updated: 2024-08-01T23:06:25.289Z
Status : Analyzed
Published: 2024-06-03T10:15:13.320
Modified: 2026-06-17T07:13:20.877
Link: CVE-2024-23668
No data.
OpenCVE Enrichment
No data.
-
CWE-20
Improper Input Validation
- NVD-CWE-noinfo
EUVD