Lucene search
K

Vulnerabilities fixed in Fortinet FortiWeb

🗓️ 12 Mar 2026 07:46:15Reported by NCSCType 
ncsc
 ncsc
🔗 advisories.ncsc.nl👁 9 Views

FortiWeb updates fix hostname bypass, API command injection, rate-limit bypass, stack overflow, and null pointer issues.

Related
Refs
ReporterTitlePublishedViews
Family
ATTACKERKB
CVE-2026-30897
10 Mar 202616:44
attackerkb
BDU FSTEC
The vulnerability of the software interface of FortiWeb web applications allows attackers to circumvent existing security restrictions.
17 Mar 202600:00
bdu_fstec
BDU FSTEC
The vulnerability of Fortinet FortiWeb web applications lies in the lack of measures taken to neutralize special elements used in the operating system’s command set, allowing attackers to execute arbitrary commands.
17 Mar 202600:00
bdu_fstec
BDU FSTEC
The vulnerability of Fortinet FortiWeb network firewalls lies in insufficient control over the frequency of interactions between devices. This allows attackers to circumvent the limit on the number of authentication attempts.
17 Mar 202600:00
bdu_fstec
BDU FSTEC
The vulnerability of the FortiWeb web application’s network interface programming interface, related to stack-based buffer overflows, allows an attacker to execute arbitrary code.
17 Mar 202600:00
bdu_fstec
BDU FSTEC
The vulnerability of Fortinet FortiWeb web applications’ network firewalls, related to pointer swapping errors, allows attackers to trigger a service failure.
17 Mar 202600:00
bdu_fstec
BDU FSTEC
The vulnerability of Fortinet FortiWeb network firewalls, related to buffer overflow in the stack, allows attackers to bypass the stack and ASLR protections and execute arbitrary code.
17 Mar 202600:00
bdu_fstec
Circl
CVE-2025-66178
12 Mar 202623:00
circl
Circl
CVE-2026-24017
11 Mar 202610:50
circl
Circl
CVE-2026-24641
5 Apr 202618:54
circl
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

12 Mar 2026 07:46Current
6.2Medium risk
Vulners AI Score6.2
CVSS 3.16.5 - 8.1
EPSS0.01667
SSVC
9