CRITICAL🇵🇱 Wersja polska

CVE-2023-47539

CVSS 9.8v3.1pub. 2025-03-18upd. 2025-07-24

An improper access control vulnerability in FortiMail version 7.4.0 configured with RADIUS authentication and remote_wildcard enabled may allow a remote unauthenticated attacker to bypass admin login via a crafted HTTP request.

🤖 AI Analysis
How it works

The vulnerability results from improper access control (CWE-284) in the RADIUS authentication handling mechanism. When the remote_wildcard option is enabled in the configuration, the application does not properly verify user identity. An attacker can send a crafted HTTP request that allows bypassing the login procedure without providing valid authentication credentials.

Impact

An attacker gains unauthorized access to the FortiMail administrative panel, which potentially results in complete takeover of the mail system, including data access, ability to modify configuration, and privilege escalation.

Mitigation & patch

Apply patches available from the vendor according to references (https://fortiguard.com/psirt/FG-IR-23-439). Until updating, it is recommended to disable the remote_wildcard option or temporarily replace RADIUS with another authentication method, if possible in the given environment.

Who is affected

FortiMail version 7.4.0, configured with RADIUS authentication and remote_wildcard option enabled

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Fortinet Fortimail

    APP
    Fortinet
    7.4.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Auth Bypass
CWE
References

Related vulnerabilities

CVE-2025-32756CRITICAL9.8⚠ KEVPL ✓ten sam produkt

Stack-based buffer overflow RCE w produktach Fortinet (FortiMail, FortiVoice i inne)

CVE-2021-36166CRITICAL9.8ten sam produkt

An improper authentication vulnerability in FortiMail before 7.0.1 may allow a remote attacker to efficiently ...

CVE-2021-24007CRITICAL9.8ten sam produkt

Multiple improper neutralization of special elements of SQL commands vulnerabilities in FortiMail before 6.4.4...

CVE-2020-9294CRITICAL9.8ten sam produkt

An improper authentication vulnerability in FortiMail 5.4.10, 6.0.7, 6.2.2 and earlier and FortiVoiceEntrepris...

CVE-2025-53681HIGH7.2ten sam produkt

An improper neutralization of special elements used in an SQL Command ("SQL Injection&") vulnerability [CWE-89...