vulnerability

Fortinet FortiOS: CVE-2023-22641: Open redirect in sslvpnd

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:M/Au:S/C:N/I:P/A:N)

Published

Apr 11, 2023

Added

Apr 20, 2023

Modified

Jun 23, 2026

Description

A URL redirection to untrusted site ('Open Redirect') vulnerability [CWE-601] in FortiOS and FortiProxy sslvpnd may allow an authenticated attacker to redirect users to any arbitrary website via a crafted URL.

Solution

fortios-upgrade-latest

References

https://www.fortiguard.com/psirt/FG-IR-22-479
https://euvd.enisa.europa.eu/vulnerability/EUVD-2023-26775
CVE-2023-22641
https://attackerkb.com/topics/CVE-2023-22641
CWE-601
EUVD-EUVD-2023-26775

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report