FortiWeb - Stack-based buffer overflows in API controllers

2021-12-0700:00:00

FortiGuard Labs

www.fortiguard.com

0.001 Low

EPSS

Percentile

40.7%

JSON

Multiple stack-based buffer overflows [CWE-121] in the API controllers of FortiWeb may allow an authenticated attacker to achieve arbitrary code execution via specially crafted requests.

CPENameOperatorVersion
fortiwebeq6.4.1
fortiwebeq6.4.0
fortiwebeq6.3.9
fortiwebeq6.3.8
fortiwebeq6.3.7
fortiwebeq6.3.6
fortiwebeq6.3.5
fortiwebeq6.3.4
fortiwebeq6.3.3
fortiwebeq6.3.2

Name	Operator	Version
fortiweb	eq	6.4.1
fortiweb	eq	6.4.0
fortiweb	eq	6.3.9
fortiweb	eq	6.3.8
fortiweb	eq	6.3.7
fortiweb	eq	6.3.6
fortiweb	eq	6.3.5
fortiweb	eq	6.3.4
fortiweb	eq	6.3.3
fortiweb	eq	6.3.2

Rows per page:

1-10 of 181

0.001 Low

EPSS

Percentile

40.7%

JSON

Related for FG-IR-21-152