CVE-2021-43071

December 10, 2021

A heap-based buffer overflow in Fortinet FortiWeb version 6.4.1 and 6.4.0, version 6.3.15 and below, version 6.2.6 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests to the LogReport API controller.

Summary:

A heap-based buffer overflow in Fortinet FortiWeb version 6.4.1 and 6.4.0, version 6.3.15 and below, version 6.2.6 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests to the LogReport API controller.

Reference Links(if available):

  • https://fortiguard.com/advisory/FG-IR-21-188

  • CVSS Score (if available)

    v2: / MEDIUM

    v3: /

    Links to Exploits(if available)

  • Tags: , , , ,

    You may have missed

    CISA Logo

    CISA: CISA Releases Eight Industrial Control Systems Advisories

    May 7, 2024
    CISA Logo

    CISA: Cisco Releases Security Updates Addressing ArcaneDoor, Vulnerabilities in Cisco Firewall Platforms

    May 7, 2024
    CISA Logo

    CISA: CISA Releases Three Industrial Control Systems Advisories

    May 7, 2024
    CISA Logo

    CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog

    May 7, 2024
    CISA Logo

    CISA: CISA Adds One Known Exploited Vulnerability to Catalog

    May 7, 2024