Rapid7’s 2026 Global Cybersecurity Summit is now available on-demand.Watch sessions.
Rapid7

vulnerability

Fortinet FortiOS: CVE-2023-22641: Open redirect in sslvpnd

Severity
3
CVSS
(AV:N/AC:M/Au:S/C:N/I:P/A:N)
Published
Apr 11, 2023
Added
Apr 20, 2023
Modified
Jun 23, 2026

Description

A URL redirection to untrusted site ('Open Redirect') vulnerability [CWE-601] in FortiOS and FortiProxy sslvpnd may allow an authenticated attacker to redirect users to any arbitrary website via a crafted URL.

Solution

fortios-upgrade-latest
Title
Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.