Heap-based Buffer Overflow Vulnerabilities in FortiWeb by Fortinet
CVE-2021-41017
8.8HIGH
What is CVE-2021-41017?
Multiple heap-based buffer overflow vulnerabilities exist in certain web API controllers of FortiWeb (versions 6.3.0 to 6.4.1). Aimed at authenticated users, these vulnerabilities can be exploited by sending specially crafted HTTP requests, potentially allowing attackers to execute arbitrary commands or code remotely, thereby compromising system integrity and security.
Affected Version(s)
Fortinet FortiWeb FortiWeb 6.4.1, 6.4.0, 6.3.0 through 6.3.15