A stack-based buffer overflow vulnerability [CWE-121] in FortiWeb version 7.0.1 and previous versions, 6.4 all versions, version 6.3.19 and previous versions may allow a privileged malicious user to execute arbitrary code or commands via specifically crafted CLI `execute backup-local rename` and `execute backup-local show` operations.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fortinet fortiweb 6.4.0 |
||
fortinet fortiweb 6.4.1 |
||
fortinet fortiweb 6.4.2 |
||
fortinet fortiweb 7.0.0 |
||
fortinet fortiweb 7.0.1 |
||
fortinet fortiweb |