CVE-2021-42756

Multiple stack-based buffer overflow vulnerabilities [CWE-121] in the proxy daemon of FortiWeb 5.x all versions, 6.0.7 and below, 6.1.2 and below, 6.2.6 and below, 6.3.16 and below, 6.4 all versions may allow an unauthenticated remote attacker to achieve arbitrary code execution via specifically crafted HTTP requests.
References
Link Resource
https://fortiguard.com/psirt/FG-IR-21-186 Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*

History

24 Feb 2023, 19:58

Type Values Removed Values Added
New CVE

Information

Published : 2023-02-16 19:15

Updated : 2024-02-04 23:14


NVD link : CVE-2021-42756

Mitre link : CVE-2021-42756

CVE.ORG link : CVE-2021-42756


JSON object : View

Products Affected

fortinet

  • fortiweb
CWE
CWE-787

Out-of-bounds Write

CWE-121

Stack-based Buffer Overflow