Fortinet Issues Patches for 40 Flaws Affecting FortiWeb, FortiOS, FortiOS, and FortiProxy
Top of the list is a severe bug residing in the FortiNAC network access control solution (CVE-2022-39952, CVSS score: 9.8) that could lead to arbitrary code execution. ... The second flaw of note is a set of stack-based buffer overflow in FortiWeb's proxy daemon ( CVE-2021-42756, CVSS score: 9.3) that could enable an unauthenticated remote attacker to achieve arbitrary code execution via specifically crafted HTTP requests. CVEs: CVE-2021-42756, CVE-2022-39952 [View Article](https://thehackernews.com/2023/02/fortinet-issues-patches-for-40-flaws.html)