CVE-2021-36194

Multiple stack-based buffer overflows in the API controllers of FortiWeb 6.4.1, 6.4.0, and 6.3.0 through 6.3.15 may allow an authenticated attacker to achieve arbitrary code execution via specially crafted requests.

Summary:

Multiple stack-based buffer overflows in the API controllers of FortiWeb 6.4.1, 6.4.0, and 6.3.0 through 6.3.15 may allow an authenticated attacker to achieve arbitrary code execution via specially crafted requests.

Reference Links(if available):

  • https://fortiguard.com/advisory/FG-IR-21-152
  • CVSS Score (if available)

    v2: / MEDIUM

    v3: /

    Links to Exploits(if available)