Format String Vulnerability in FortiWeb by Fortinet
CVE-2020-29018
8.8HIGH
What is CVE-2020-29018?
A format string vulnerability exists in FortiWeb versions 6.3.0 through 6.3.5. This issue permits an authenticated, remote attacker to manipulate the redir parameter, potentially enabling them to read sensitive information from the memory. This vulnerability poses a significant risk for the confidentiality of sensitive data processed by affected systems.
Affected Version(s)
Fortinet FortiWeb FortiWeb 6.3.0 through 6.3.5