Rapid7

vulnerability

Fortinet FortiOS: CVE-2024-23110: Multiple buffer overflows in diag npu command

Severity
7
CVSS
(AV:L/AC:L/Au:S/C:C/I:C/A:C)
Published
Jun 11, 2024
Added
Aug 26, 2024
Modified
Jun 23, 2026

Description

Multiple stack-based buffer overflow vulnerabilities [CWE-121] in the command line interpreter of FortiOS may allow an authenticated attacker to execute unauthorized code or commands via specially crafted command line arguments.

Solution

fortios-upgrade-latest
Title
Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.