Home
MEDIUM: 5.9 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:CDefault status
unaffected
8.0.0 (semver)
affected
7.6.0 (semver)
affected
7.4.0 (semver)
affected
7.2.0 (semver)
affected
7.0.2 (semver)
affected
Description
A Stack-based Buffer Overflow vulnerability [CWE-121] vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.2, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4 all versions, FortiWeb 7.2 all versions, FortiWeb 7.0.2 through 7.0.12 may allow a remote authenticated attacker who can bypass stack protection and ASLR to execute arbitrary code or commands via crafted HTTP requests.
Problem types
Execute unauthorized code or commands
Product status
8.0.0 (semver)
7.6.0 (semver)
7.4.0 (semver)
7.2.0 (semver)
7.0.2 (semver)
References
fortiguard.fortinet.com/psirt/FG-IR-26-087