Multiple heap-based buffer overflow vulnerabilities in some web API controllers of FortiWeb 6.4.1, 6.4.0, and 6.3.0 up to and including 6.3.15 may allow a remote authenticated malicious user to execute arbitrary code or commands via specifically crafted HTTP requests.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fortinet fortiweb |
||
fortinet fortiweb 6.4.0 |
||
fortinet fortiweb 6.4.1 |