Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-24640

Summary
Assigner-fortinet
Assigner Org ID-6abe59d8-c742-4dff-8ce8-9b0ca1073da8
Published At-10 Mar, 2026 | 16:44
Updated At-11 Mar, 2026 | 03:56
Rejected At-
Credits

A Stack-based Buffer Overflow vulnerability [CWE-121] vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.2, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4 all versions, FortiWeb 7.2 all versions, FortiWeb 7.0.2 through 7.0.12 may allow a remote authenticated attacker who can bypass stack protection and ASLR to execute arbitrary code or commands via crafted HTTP requests.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:fortinet
Assigner Org ID:6abe59d8-c742-4dff-8ce8-9b0ca1073da8
Published At:10 Mar, 2026 | 16:44
Updated At:11 Mar, 2026 | 03:56
Rejected At:
▼CVE Numbering Authority (CNA)

A Stack-based Buffer Overflow vulnerability [CWE-121] vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.2, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4 all versions, FortiWeb 7.2 all versions, FortiWeb 7.0.2 through 7.0.12 may allow a remote authenticated attacker who can bypass stack protection and ASLR to execute arbitrary code or commands via crafted HTTP requests.

Affected Products
Vendor
Fortinet, Inc.Fortinet
Product
FortiWeb
CPEs
  • cpe:2.3:a:fortinet:fortiweb:8.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:fortinet:fortiweb:8.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:fortinet:fortiweb:8.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:fortinet:fortiweb:7.6.6:*:*:*:*:*:*:*
  • cpe:2.3:a:fortinet:fortiweb:7.6.5:*:*:*:*:*:*:*
  • cpe:2.3:a:fortinet:fortiweb:7.6.4:*:*:*:*:*:*:*
  • cpe:2.3:a:fortinet:fortiweb:7.6.3:*:*:*:*:*:*:*
  • cpe:2.3:a:fortinet:fortiweb:7.6.2:*:*:*:*:*:*:*
  • cpe:2.3:a:fortinet:fortiweb:7.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:fortinet:fortiweb:7.6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:fortinet:fortiweb:7.4.12:*:*:*:*:*:*:*
  • cpe:2.3:a:fortinet:fortiweb:7.4.11:*:*:*:*:*:*:*
  • cpe:2.3:a:fortinet:fortiweb:7.4.10:*:*:*:*:*:*:*
  • cpe:2.3:a:fortinet:fortiweb:7.4.9:*:*:*:*:*:*:*
  • cpe:2.3:a:fortinet:fortiweb:7.4.8:*:*:*:*:*:*:*
  • cpe:2.3:a:fortinet:fortiweb:7.4.7:*:*:*:*:*:*:*
  • cpe:2.3:a:fortinet:fortiweb:7.4.6:*:*:*:*:*:*:*
  • cpe:2.3:a:fortinet:fortiweb:7.4.5:*:*:*:*:*:*:*
  • cpe:2.3:a:fortinet:fortiweb:7.4.4:*:*:*:*:*:*:*
  • cpe:2.3:a:fortinet:fortiweb:7.4.3:*:*:*:*:*:*:*
  • cpe:2.3:a:fortinet:fortiweb:7.4.2:*:*:*:*:*:*:*
  • cpe:2.3:a:fortinet:fortiweb:7.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:fortinet:fortiweb:7.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:fortinet:fortiweb:7.2.12:*:*:*:*:*:*:*
  • cpe:2.3:a:fortinet:fortiweb:7.2.11:*:*:*:*:*:*:*
  • cpe:2.3:a:fortinet:fortiweb:7.2.10:*:*:*:*:*:*:*
  • cpe:2.3:a:fortinet:fortiweb:7.2.9:*:*:*:*:*:*:*
  • cpe:2.3:a:fortinet:fortiweb:7.2.8:*:*:*:*:*:*:*
  • cpe:2.3:a:fortinet:fortiweb:7.2.7:*:*:*:*:*:*:*
  • cpe:2.3:a:fortinet:fortiweb:7.2.6:*:*:*:*:*:*:*
  • cpe:2.3:a:fortinet:fortiweb:7.2.5:*:*:*:*:*:*:*
  • cpe:2.3:a:fortinet:fortiweb:7.2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:fortinet:fortiweb:7.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:fortinet:fortiweb:7.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:fortinet:fortiweb:7.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:fortinet:fortiweb:7.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:fortinet:fortiweb:7.0.12:*:*:*:*:*:*:*
  • cpe:2.3:a:fortinet:fortiweb:7.0.11:*:*:*:*:*:*:*
  • cpe:2.3:a:fortinet:fortiweb:7.0.10:*:*:*:*:*:*:*
  • cpe:2.3:a:fortinet:fortiweb:7.0.9:*:*:*:*:*:*:*
  • cpe:2.3:a:fortinet:fortiweb:7.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:fortinet:fortiweb:7.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:fortinet:fortiweb:7.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:fortinet:fortiweb:7.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:fortinet:fortiweb:7.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:fortinet:fortiweb:7.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:fortinet:fortiweb:7.0.2:*:*:*:*:*:*:*
Default Status
unaffected
Versions
Affected
  • From 8.0.0 through 8.0.2 (semver)
  • From 7.6.0 through 7.6.6 (semver)
  • From 7.4.0 through 7.4.12 (semver)
  • From 7.2.0 through 7.2.12 (semver)
  • From 7.0.2 through 7.0.12 (semver)
Problem Types
TypeCWE IDDescription
CWECWE-121Execute unauthorized code or commands
Type: CWE
CWE ID: CWE-121
Description: Execute unauthorized code or commands
Metrics
VersionBase scoreBase severityVector
3.15.9MEDIUM
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Version: 3.1
Base score: 5.9
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Upgrade to FortiWeb version 8.0.3 or above Upgrade to FortiWeb version 7.6.7 or above

Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://fortiguard.fortinet.com/psirt/FG-IR-26-087
N/A
Hyperlink: https://fortiguard.fortinet.com/psirt/FG-IR-26-087
Resource: N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:psirt@fortinet.com
Published At:10 Mar, 2026 | 18:18
Updated At:12 Mar, 2026 | 20:12

A Stack-based Buffer Overflow vulnerability [CWE-121] vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.2, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4 all versions, FortiWeb 7.2 all versions, FortiWeb 7.0.2 through 7.0.12 may allow a remote authenticated attacker who can bypass stack protection and ASLR to execute arbitrary code or commands via crafted HTTP requests.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.16.6MEDIUM
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 6.6
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
CPE Matches
Fortinet, Inc.
fortinet
>>fortiweb>>Versions from 7.0.2(inclusive) to 7.0.12(inclusive)
cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*
Fortinet, Inc.
fortinet
>>fortiweb>>Versions from 7.2.0(inclusive) to 7.6.7(exclusive)
cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*
Fortinet, Inc.
fortinet
>>fortiweb>>Versions from 8.0.0(inclusive) to 8.0.3(exclusive)
cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-121Primarypsirt@fortinet.com
CWE-787Primarynvd@nist.gov
CWE ID: CWE-121
Type: Primary
Source: psirt@fortinet.com
CWE ID: CWE-787
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://fortiguard.fortinet.com/psirt/FG-IR-26-087psirt@fortinet.com
Vendor Advisory
Hyperlink: https://fortiguard.fortinet.com/psirt/FG-IR-26-087
Source: psirt@fortinet.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

80Records found
CVE-2026-30897
Matching Score-10
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-10
Assigner-Fortinet, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.04% / 12.97%
||
7 Day CHG~0.00%
Published-10 Mar, 2026 | 16:44
Updated-12 Mar, 2026 | 17:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.3, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4.0 through 7.4.11, FortiWeb 7.2 all versions, FortiWeb 7.0 all versions may allow a remote authenticated attacker who can bypass stack protection and ASLR to execute arbitrary code or commands via crafted HTTP requests.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiwebFortiWeb
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2022-33871
Matching Score-10
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-10
Assigner-Fortinet, Inc.
CVSS Score-6.3||MEDIUM
EPSS-1.15% / 78.57%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 18:06
Updated-23 Oct, 2024 | 14:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow vulnerability [CWE-121] in FortiWeb version 7.0.1 and earlier, 6.4 all versions, version 6.3.19 and earlier may allow a privileged attacker to execute arbitrary code or commands via specifically crafted CLI `execute backup-local rename` and `execute backup-local show` operations.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiwebFortiWeb
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-30306
Matching Score-10
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-10
Assigner-Fortinet, Inc.
CVSS Score-6.3||MEDIUM
EPSS-0.70% / 72.10%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 18:06
Updated-23 Oct, 2024 | 14:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow vulnerability [CWE-121] in the CA sign functionality of FortiWeb version 7.0.1 and below, 6.4 all versions, version 6.3.19 and below may allow an authenticated attacker to achieve arbitrary code execution via specifically crafted password.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiwebFortiWeb
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-48839
Matching Score-10
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-10
Assigner-Fortinet, Inc.
CVSS Score-6.3||MEDIUM
EPSS-0.09% / 25.15%
||
7 Day CHG~0.00%
Published-18 Nov, 2025 | 17:01
Updated-26 Feb, 2026 | 16:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An Out-of-bounds Write vulnerability [CWE-787] in FortiADC 8.0.0, 7.6.0 through 7.6.2, 7.4.0 through 7.4.7, 7.2 all versions, 7.1 all versions, 7.0 all versions, 6.2 all versions may allow an authenticated attacker to execute arbitrary code via specially crafted HTTP requests.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiadcFortiADC
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-45584
Matching Score-8
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-8
Assigner-Fortinet, Inc.
CVSS Score-6.3||MEDIUM
EPSS-0.29% / 51.83%
||
7 Day CHG+0.07%
Published-12 Aug, 2025 | 18:59
Updated-26 Feb, 2026 | 17:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A double free vulnerability [CWE-415] vulnerability in Fortinet FortiOS 7.4.0, FortiOS 7.2.0 through 7.2.5, FortiOS 7.0.0 through 7.0.12, FortiOS 6.4 all versions, FortiPAM 1.1 all versions, FortiPAM 1.0 all versions, FortiProxy 7.4.0 through 7.4.1, FortiProxy 7.2.0 through 7.2.7, FortiProxy 7.0.0 through 7.0.13 allows a privileged attacker to execute code or commands via crafted HTTP or HTTPs requests.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiosfortipamfortiproxyFortiPAMFortiOSFortiProxy
CWE ID-CWE-415
Double Free
CVE-2024-47570
Matching Score-8
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-8
Assigner-Fortinet, Inc.
CVSS Score-6.3||MEDIUM
EPSS-0.05% / 14.03%
||
7 Day CHG-0.04%
Published-09 Dec, 2025 | 17:20
Updated-26 Feb, 2026 | 16:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An insertion of sensitive information into log file vulnerability [CWE-532] in FortiOS 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0 all versions; FortiProxy 7.4.0 through 7.4.3, 7.2.0 through 7.2.11; FortiPAM 1.4 all versions, 1.3 all versions, 1.2 all versions, 1.1 all versions, 1.0 all versions and FortiSRA 1.4 all versions may allow a read-only administrator to retrieve API tokens of other administrators via observing REST API logs, if REST API logging is enabled (non-default configuration).

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortisrafortiosfortisasefortiproxyfortipamFortiSASEFortiPAMFortiOSFortiProxyFortiSRA
CWE ID-CWE-532
Insertion of Sensitive Information into Log File
CVE-2024-35275
Matching Score-8
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-8
Assigner-Fortinet, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.13% / 31.34%
||
7 Day CHG~0.00%
Published-14 Jan, 2025 | 14:08
Updated-31 Jan, 2025 | 16:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiAnalyzer version 7.4.0 through 7.4.2, FortiManager version 7.4.0 through 7.4.2 allows attacker to escalation of privilege via specially crafted http requests.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortianalyzerfortianalyzer_cloudfortimanager_cloudfortimanagerFortiManagerFortiAnalyzer
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2023-44247
Matching Score-8
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-8
Assigner-Fortinet, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.25% / 47.92%
||
7 Day CHG~0.00%
Published-14 May, 2024 | 16:19
Updated-14 Jan, 2026 | 09:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A double free vulnerability [CWE-415] vulnerability in Fortinet FortiOS 6.4 all versions may allow a privileged attacker to execute code or commands via crafted HTTP or HTTPs requests.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiosFortiOSfortios
CWE ID-CWE-415
Double Free
CVE-2024-50569
Matching Score-8
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-8
Assigner-Fortinet, Inc.
CVSS Score-6.3||MEDIUM
EPSS-0.13% / 31.97%
||
7 Day CHG~0.00%
Published-11 Feb, 2025 | 16:09
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiWeb 7.0.0 through 7.6.0 allows attacker to execute unauthorized code or commands via crafted input.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiwebFortiWeb
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-22254
Matching Score-8
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-8
Assigner-Fortinet, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.22% / 44.71%
||
7 Day CHG~0.00%
Published-10 Jun, 2025 | 16:36
Updated-26 Feb, 2026 | 17:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An Improper Privilege Management vulnerability [CWE-269] vulnerability in Fortinet FortiOS 7.6.0 through 7.6.1, FortiOS 7.4.0 through 7.4.6, FortiOS 7.2.0 through 7.2.10, FortiOS 7.0.0 through 7.0.16, FortiOS 6.4.0 through 6.4.15, FortiProxy 7.6.0 through 7.6.1, FortiProxy 7.4.0 through 7.4.7, FortiWeb 7.6.0 through 7.6.1, FortiWeb 7.4.0 through 7.4.6 allows an authenticated attacker with at least read-only admin permissions to gain super-admin privileges via crafted requests to Node.js websocket module.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiosfortiwebfortiproxyFortiOSFortiWebFortiProxy
CWE ID-CWE-269
Improper Privilege Management
CVE-2021-44170
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.13% / 31.47%
||
7 Day CHG~0.00%
Published-18 Jul, 2022 | 16:35
Updated-25 Oct, 2024 | 13:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow vulnerability [CWE-121] in the command line interpreter of FortiOS before 7.0.4 and FortiProxy before 2.0.8 may allow an authenticated attacker to execute unauthorized code or commands via specially crafted command line arguments.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiproxyfortiosFortinet FortiProxy, FortiOS
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-42756
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-9.3||CRITICAL
EPSS-64.22% / 98.46%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 18:05
Updated-23 Oct, 2024 | 14:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple stack-based buffer overflow vulnerabilities [CWE-121] in the proxy daemon of FortiWeb 5.x all versions, 6.0.7 and below, 6.1.2 and below, 6.2.6 and below, 6.3.16 and below, 6.4 all versions may allow an unauthenticated remote attacker to achieve arbitrary code execution via specifically crafted HTTP requests.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiwebFortiWeb
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-26010
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.23% / 45.91%
||
7 Day CHG~0.00%
Published-11 Jun, 2024 | 14:32
Updated-27 Aug, 2025 | 20:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow in Fortinet FortiPAM version 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiWeb, FortiAuthenticator, FortiSwitchManager version 7.2.0 through 7.2.3, 7.0.1 through 7.0.3, FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0.0 through 7.0.14, 6.4.0 through 6.4.15, 6.2.0 through 6.2.16, 6.0.0 through 6.0.18, FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.9, 7.0.0 through 7.0.15, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows attacker to execute unauthorized code or commands via specially crafted packets.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiswitchmanagerfortiosfortipamfortiproxyFortiOSFortiSwitchManagerFortiProxyFortiPAM
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-42757
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-6.3||MEDIUM
EPSS-0.07% / 21.95%
||
7 Day CHG~0.00%
Published-08 Dec, 2021 | 11:01
Updated-16 Oct, 2025 | 10:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow [CWE-121] in the TFTP client library of FortiOS before 6.4.7 and FortiOS 7.0.0 through 7.0.2, may allow an authenticated local attacker to achieve arbitrary code execution via specially crafted command line arguments.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortivoicefortianalyzerfortiwebfortiportalfortiproxyfortimanagerfortiswitchfortirecorder_firmwarefortios-6k7kfortiadcfortiosfortindrfortimailFortiManagerFortiRecorderFortiPortalFortiSwitchFortiADCFortiVoiceFortiDDoS-FFortiDDoSFortiNDRFortiMailFortiAnalyzerFortiOSFortiProxyFortiWeb
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-43071
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-8.8||HIGH
EPSS-0.48% / 65.23%
||
7 Day CHG~0.00%
Published-09 Dec, 2021 | 09:18
Updated-25 Oct, 2024 | 13:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A heap-based buffer overflow in Fortinet FortiWeb version 6.4.1 and 6.4.0, version 6.3.15 and below, version 6.2.6 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests to the LogReport API controller.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiwebFortinet FortiWeb
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-41027
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-7.3||HIGH
EPSS-0.18% / 39.49%
||
7 Day CHG~0.00%
Published-08 Dec, 2021 | 12:55
Updated-25 Oct, 2024 | 13:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow in Fortinet FortiWeb version 6.4.1 and 6.4.0, allows an authenticated attacker to execute unauthorized code or commands via crafted certificates loaded into the device.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiwebFortinet FortiWeb
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-41017
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-8.8||HIGH
EPSS-1.07% / 77.83%
||
7 Day CHG~0.00%
Published-08 Dec, 2021 | 18:51
Updated-25 Oct, 2024 | 13:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple heap-based buffer overflow vulnerabilities in some web API controllers of FortiWeb 6.4.1, 6.4.0, and 6.3.0 through 6.3.15 may allow a remote authenticated attacker to execute arbitrary code or commands via specifically crafted HTTP requests.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiwebFortinet FortiWeb
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-23110
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-7.4||HIGH
EPSS-0.15% / 35.34%
||
7 Day CHG~0.00%
Published-11 Jun, 2024 | 14:31
Updated-23 Aug, 2024 | 02:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow in Fortinet FortiOS version 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0 all versions allows attacker to execute unauthorized code or commands via specially crafted commands

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiosFortiOSfortios
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-46663
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.09% / 25.10%
||
7 Day CHG~0.00%
Published-11 Mar, 2025 | 14:54
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-buffer overflow vulnerability [CWE-121] in Fortinet FortiMail CLI version 7.6.0 through 7.6.1 and before 7.4.3 allows a privileged attacker to execute arbitrary code or commands via specifically crafted CLI commands.

Action-Not Available
Vendor-Fortinet, Inc.
Product-FortiMail
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-32766
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-6.3||MEDIUM
EPSS-0.03% / 7.09%
||
7 Day CHG~0.00%
Published-12 Aug, 2025 | 18:59
Updated-26 Feb, 2026 | 17:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiWeb CLI version 7.6.0 through 7.6.3 and before 7.4.8 allows a privileged attacker to execute arbitrary code or commands via crafted CLI commands

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiwebFortiWeb
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2024-21758
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-6.1||MEDIUM
EPSS-0.04% / 12.95%
||
7 Day CHG~0.00%
Published-14 Jan, 2025 | 14:09
Updated-18 Feb, 2025 | 22:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow in Fortinet FortiWeb versions 7.2.0 through 7.2.7, and 7.4.0 through 7.4.1 may allow a privileged user to execute arbitrary code via specially crafted CLI commands, provided the user is able to evade FortiWeb stack protections.

Action-Not Available
Vendor-Fortinet, Inc.
Product-FortiWeb
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2021-36194
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-8.8||HIGH
EPSS-0.76% / 73.43%
||
7 Day CHG~0.00%
Published-09 Dec, 2021 | 08:46
Updated-25 Oct, 2024 | 13:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple stack-based buffer overflows in the API controllers of FortiWeb 6.4.1, 6.4.0, and 6.3.0 through 6.3.15 may allow an authenticated attacker to achieve arbitrary code execution via specially crafted requests.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiwebFortinet FortiWeb
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-36193
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-6.3||MEDIUM
EPSS-0.50% / 65.88%
||
7 Day CHG~0.00%
Published-02 Feb, 2022 | 11:19
Updated-13 Jan, 2026 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple stack-based buffer overflows in the command line interpreter of FortiWeb before 6.4.2 may allow an authenticated attacker to achieve arbitrary code execution via specially crafted commands.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiwebFortiRecorderFortiDDoS-FFortiDDoS-CMFortiMailFortiVoiceFortiNDRFortiADCFortiFoneFortiDDoSFortiWeb
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-36179
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-8||HIGH
EPSS-0.58% / 69.12%
||
7 Day CHG~0.00%
Published-08 Sep, 2021 | 10:15
Updated-25 Oct, 2024 | 13:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow in Fortinet FortiWeb version 6.3.14 and below, 6.2.4 and below allows attacker to execute unauthorized code or commands via crafted parameters in CLI command execution

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiwebFortinet FortiWeb
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-36186
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-8.8||HIGH
EPSS-0.53% / 67.54%
||
7 Day CHG~0.00%
Published-02 Nov, 2021 | 18:35
Updated-25 Oct, 2024 | 13:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow in Fortinet FortiWeb version 6.4.0, version 6.3.15 and below, 6.2.5 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiwebFortinet FortiWeb
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-36173
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-8||HIGH
EPSS-0.67% / 71.48%
||
7 Day CHG~0.00%
Published-08 Dec, 2021 | 18:42
Updated-25 Oct, 2024 | 13:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A heap-based buffer overflow in the firmware signature verification function of FortiOS versions 7.0.1, 7.0.0, 6.4.0 through 6.4.6, 6.2.0 through 6.2.9, and 6.0.0 through 6.0.13 may allow an attacker to execute arbitrary code via specially crafted installation images.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortigate-2600ffortigate-1100efortigate_60ffortigate-200ffortigate_2200efortigate_40ffortigate-600efortigate_1800ffortigate_7121ffortigate_3300efortigate-3500ffortigate_3600efortiosfortigate-400eFortinet FortiOS
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-26096
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-6.4||MEDIUM
EPSS-0.53% / 67.06%
||
7 Day CHG~0.00%
Published-04 Aug, 2021 | 17:57
Updated-25 Oct, 2024 | 13:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple instances of heap-based buffer overflow in the command shell of FortiSandbox before 4.0.0 may allow an authenticated attacker to manipulate memory and alter its content by means of specifically crafted command line arguments.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortisandboxFortinet FortiSandbox
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-26112
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-8.1||HIGH
EPSS-1.32% / 79.96%
||
7 Day CHG~0.00%
Published-06 Apr, 2022 | 09:15
Updated-25 Oct, 2024 | 13:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple stack-based buffer overflow vulnerabilities [CWE-121] both in network daemons and in the command line interpreter of FortiWAN before 4.5.9 may allow an unauthenticated attacker to potentially corrupt control data in memory and execute arbitrary code via specifically crafted requests.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiwanFortinet FortiWAN
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-24018
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-4.3||MEDIUM
EPSS-0.12% / 30.48%
||
7 Day CHG~0.00%
Published-04 Aug, 2021 | 14:52
Updated-25 Oct, 2024 | 13:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer underwrite vulnerability in the firmware verification routine of FortiOS before 7.0.1 may allow an attacker located in the adjacent network to potentially execute arbitrary code via a specifically crafted firmware image.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiosFortinet FortiOS
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-35276
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-5||MEDIUM
EPSS-0.17% / 37.31%
||
7 Day CHG~0.00%
Published-14 Jan, 2025 | 14:08
Updated-31 Jan, 2025 | 17:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow in Fortinet FortiAnalyzer versions 7.4.0 through 7.4.3, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, FortiManager versions 7.4.0 through 7.4.3, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, FortiManager Cloud versions 7.4.1 through 7.4.3, 7.2.1 through 7.2.5, 7.0.1 through 7.0.11, 6.4.1 through 6.4.7, FortiAnalyzer Cloud versions 7.4.1 through 7.4.3, 7.2.1 through 7.2.5, 7.0.1 through 7.0.11, 6.4.1 through 6.4.7 allows attacker to execute unauthorized code or commands via specially crafted packets.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortianalyzerfortianalyzer_cloudfortimanager_cloudfortimanagerFortiManagerFortiAnalyzer
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-35273
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-7||HIGH
EPSS-0.21% / 43.78%
||
7 Day CHG~0.00%
Published-14 Jan, 2025 | 14:08
Updated-31 Jan, 2025 | 17:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A out-of-bounds write in Fortinet FortiManager version 7.4.0 through 7.4.2, FortiAnalyzer version 7.4.0 through 7.4.2 allows attacker to escalation of privilege via specially crafted http requests.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortianalyzerfortianalyzer_cloudfortimanager_cloudfortimanagerFortiManagerFortiAnalyzer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-33505
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.27% / 50.33%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 18:53
Updated-31 Jan, 2025 | 17:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A heap-based buffer overflow in Fortinet FortiAnalyzer version 7.4.0 through 7.4.2, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, FortiManager version 7.4.0 through 7.4.2, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14 allows attacker to escalation of privilege via specially crafted http requests

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortianalyzerfortimanager_cloudfortimanagerFortiManagerFortiAnalyzer
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-31496
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-6.3||MEDIUM
EPSS-0.07% / 21.91%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 18:53
Updated-21 Jan, 2025 | 22:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiManager version 7.4.0 through 7.4.2 and before 7.2.5, FortiAnalyzer version 7.4.0 through 7.4.2 and before 7.2.5 and FortiAnalyzer-BigData 7.4.0 and before 7.2.7 allows a privileged attacker to execute unauthorized code or commands via crafted CLI requests.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortianalyzer_big_datafortimanagerfortianalyzerFortiManagerFortiAnalyzer
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-40688
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.18% / 38.70%
||
7 Day CHG~0.00%
Published-14 Apr, 2026 | 22:35
Updated-20 Apr, 2026 | 18:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An out-of-bounds write vulnerability [CWE-787] vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.3, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4.0 through 7.4.11 may allow a remote privileged attacker to execute arbitrary code or command via crafted HTTP requests.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiwebFortiWeb
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-46720
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-6.3||MEDIUM
EPSS-0.07% / 20.23%
||
7 Day CHG~0.00%
Published-11 Jun, 2024 | 14:32
Updated-27 Aug, 2025 | 20:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow in Fortinet FortiOS version 7.4.0 through 7.4.1 and 7.2.0 through 7.2.7 and 7.0.0 through 7.0.12 and 6.4.6 through 6.4.15 and 6.2.9 through 6.2.16 and 6.0.13 through 6.0.18 allows attacker to execute unauthorized code or commands via specially crafted CLI commands.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiosFortiOSfortios
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-29019
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.99% / 76.94%
||
7 Day CHG~0.00%
Published-14 Jan, 2021 | 16:01
Updated-25 Oct, 2024 | 14:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow vulnerability in FortiWeb 6.3.0 through 6.3.7 and version before 6.2.4 may allow a remote, unauthenticated attacker to crash the httpd daemon thread by sending a request with a crafted cookie header.

Action-Not Available
Vendor-n/aFortinet, Inc.
Product-fortiwebFortinet FortiWeb
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-46718
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-6.3||MEDIUM
EPSS-0.02% / 5.85%
||
7 Day CHG~0.00%
Published-14 Oct, 2025 | 15:23
Updated-26 Feb, 2026 | 17:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow in Fortinet FortiOS version 7.4.0 through 7.4.1 and 7.2.0 through 7.2.7 and 7.0.0 through 7.0.12 and 6.4.6 through 6.4.15 and 6.2.9 through 6.2.16 and 6.0.13 through 6.0.18 allows attacker to execute unauthorized code or commands via specially crafted CLI commands.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiosfortiproxyFortiOSFortiProxy
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2023-42790
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-7.7||HIGH
EPSS-0.13% / 32.17%
||
7 Day CHG~0.00%
Published-12 Mar, 2024 | 15:09
Updated-17 Sep, 2024 | 14:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow in Fortinet FortiOS 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, FortiProxy 7.4.0, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 2.0.0 through 2.0.13 allows attacker to execute unauthorized code or commands via specially crafted HTTP requests.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiproxyfortiosFortiOSFortiProxy
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2023-42789
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-9.3||CRITICAL
EPSS-30.02% / 96.69%
||
7 Day CHG~0.00%
Published-12 Mar, 2024 | 15:09
Updated-12 Aug, 2024 | 18:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A out-of-bounds write in Fortinet FortiOS 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, FortiProxy 7.4.0, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 2.0.0 through 2.0.13 allows attacker to execute unauthorized code or commands via specially crafted HTTP requests.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiproxyfortiosFortiOSFortiProxyFortiPAMfortiosfortipamfortiproxy
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-33308
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-9.8||CRITICAL
EPSS-6.53% / 91.19%
||
7 Day CHG~0.00%
Published-26 Jul, 2023 | 14:00
Updated-23 Oct, 2024 | 13:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based overflow vulnerability [CWE-124] in Fortinet FortiOS version 7.0.0 through 7.0.10 and 7.2.0 through 7.2.3 and FortiProxy version 7.0.0 through 7.0.9 and 7.2.0 through 7.2.2 allows a remote unauthenticated attacker to execute arbitrary code or command via crafted packets reaching proxy policies or firewall policies with proxy mode alongside deep or full packet inspection.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiproxyfortiosFortiOSFortiProxy
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-29182
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-6.4||MEDIUM
EPSS-0.04% / 11.17%
||
7 Day CHG~0.00%
Published-17 Aug, 2023 | 09:42
Updated-08 Oct, 2024 | 17:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiOS before 7.0.3 allows a privileged attacker to execute arbitrary code via specially crafted CLI commands, provided the attacker were able to evade FortiOS stack protections.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiosFortiOSfortios
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-21762
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-9.6||CRITICAL
EPSS-92.68% / 99.76%
||
7 Day CHG-0.03%
Published-09 Feb, 2024 | 08:14
Updated-24 Oct, 2025 | 12:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2024-02-16||Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

A out-of-bounds write in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.17, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows attacker to execute unauthorized code or commands via specifically crafted requests

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiproxyfortiosFortiOSFortiProxyfortiproxyfortiosFortiOS
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-27997
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-9.2||CRITICAL
EPSS-88.90% / 99.53%
||
7 Day CHG-1.17%
Published-13 Jun, 2023 | 08:41
Updated-24 Oct, 2025 | 12:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2023-07-04||Apply updates per vendor instructions.

A heap-based buffer overflow vulnerability [CWE-122] in FortiOS version 7.2.4 and below, version 7.0.11 and below, version 6.4.12 and below, version 6.0.16 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below, version 1.2 all versions, version 1.1 all versions SSL-VPN may allow a remote attacker to execute arbitrary code or commands via specifically crafted requests.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiproxyfortiosfortigate_6000fortigate_7000FortiOS-6K7KFortiProxyFortiOSFortiOS and FortiProxy SSL-VPN
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-32756
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-9.6||CRITICAL
EPSS-41.63% / 97.44%
||
7 Day CHG~0.00%
Published-13 May, 2025 | 14:46
Updated-26 Feb, 2026 | 18:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2025-06-04||Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

A stack-based buffer overflow vulnerability [CWE-121] vulnerability in Fortinet FortiCamera 2.1.0 through 2.1.3, FortiCamera 2.0 all versions, FortiCamera 1.1 all versions, FortiMail 7.6.0 through 7.6.2, FortiMail 7.4.0 through 7.4.4, FortiMail 7.2.0 through 7.2.7, FortiMail 7.0.0 through 7.0.8, FortiNDR 7.6.0, FortiNDR 7.4.0 through 7.4.7, FortiNDR 7.2.0 through 7.2.4, FortiNDR 7.0.0 through 7.0.6, FortiRecorder 7.2.0 through 7.2.3, FortiRecorder 7.0.0 through 7.0.5, FortiRecorder 6.4.0 through 6.4.5, FortiVoice 7.2.0, FortiVoice 7.0.0 through 7.0.6, FortiVoice 6.4.0 through 6.4.10 allows a remote unauthenticated attacker to execute arbitrary code or commands via sending HTTP requests with specially crafted hash cookie.

Action-Not Available
Vendor-Fortinet, Inc.
Product-forticamera_firmwarefortivoiceforticamerafortimailfortindrfortirecorderFortiRecorderFortiVoiceFortiCameraFortiNDRFortiMailMultiple Products
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-13383
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-4.3||MEDIUM
EPSS-1.76% / 82.73%
||
7 Day CHG+0.62%
Published-29 May, 2019 | 17:20
Updated-24 Oct, 2025 | 12:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-07-10||Apply updates per vendor instructions.

A heap buffer overflow in Fortinet FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.10, 5.4.0 through 5.4.12, 5.2.14 and earlier and FortiProxy 2.0.0, 1.2.8 and earlier in the SSL VPN web portal may cause the SSL VPN web service termination for logged in users due to a failure to properly handle javascript href data when proxying webpages.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiproxyfortiosFortinet FortiOS and FortiProxyFortiOS and FortiProxy
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-25602
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-7.4||HIGH
EPSS-0.06% / 18.55%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 18:05
Updated-23 Oct, 2024 | 14:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow in Fortinet FortiWeb 6.4 all versions, FortiWeb versions 6.3.17 and earlier, FortiWeb versions 6.2.6 and earlier, FortiWeb versions 6.1.2 and earlier, FortiWeb versions 6.0.7 and earlier, FortiWeb versions 5.9.1 and earlier, FortiWeb 5.8 all versions, FortiWeb 5.7 all versions, FortiWeb 5.6 all versions allows attacker to execute unauthorized code or commands via specially crafted command arguments.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiwebFortiWeb
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-23780
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-7.6||HIGH
EPSS-0.49% / 65.63%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 18:05
Updated-23 Oct, 2024 | 14:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow in Fortinet FortiWeb version 7.0.0 through 7.0.1, Fortinet FortiWeb version 6.3.6 through 6.3.19, Fortinet FortiWeb 6.4 all versions allows attacker to escalation of privilege via specifically crafted HTTP requests.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiwebFortiWeb
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-23781
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-6.1||MEDIUM
EPSS-1.08% / 77.99%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 18:06
Updated-23 Oct, 2024 | 14:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow vulnerability [CWE-121] in FortiWeb version 7.0.1 and below, 6.4 all versions, version 6.3.19 and below SAML server configuration may allow an authenticated attacker to achieve arbitrary code execution via specifically crafted XML files.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiwebFortiWeb
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-23782
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-7.1||HIGH
EPSS-0.14% / 33.60%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 18:05
Updated-23 Oct, 2024 | 14:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A heap-based buffer overflow in Fortinet FortiWeb version 7.0.0 through 7.0.1, FortiWeb version 6.3.0 through 6.3.19, FortiWeb 6.4 all versions, FortiWeb 6.2 all versions, FortiWeb 6.1 all versions allows attacker to escalation of privilege via specifically crafted arguments to existing commands.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiwebFortiWeb
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-22639
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-6.3||MEDIUM
EPSS-0.05% / 15.15%
||
7 Day CHG~0.00%
Published-13 Jun, 2023 | 08:41
Updated-23 Oct, 2024 | 14:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A out-of-bounds write in Fortinet FortiOS version 7.2.0 through 7.2.3, FortiOS version 7.0.0 through 7.0.10, FortiOS version 6.4.0 through 6.4.12, FortiOS all versions 6.2, FortiOS all versions 6.0, FortiProxy version 7.2.0 through 7.2.2, FortiProxy version 7.0.0 through 7.0.8, FortiProxy all versions 2.0, FortiProxy all versions 1.2, FortiProxy all versions 1.1, FortiProxy all versions 1.0 allows attacker to escalation of privilege via specifically crafted commands.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiproxyfortiosFortiOSFortiProxy
CWE ID-CWE-787
Out-of-bounds Write
  • Previous
  • 1
  • 2
  • Next
Details not found