XORtigate: Pre-authentication Remote Code Execution on Fortigate VPN (CVE-2023-27997)
Wed 14 June 2023
A pre-authentication remote code execution on Fortigate SSL VPN was discovered by Lexfo (CVE-2023-27997).
CVE-2023-27997 - Forensics short notice for XORtigate
Tue 13 June 2023
Some feedbacks on what we observed in Forensics with the Pre-auth RCE on Fortigate VPN (CVE-2023-27997) in our test environment.
Visit also our blog dedicated to web security research