#VU56379 Stack-based buffer overflow in Fortinet FortiWeb


Published: 2021-09-07

Vulnerability identifier: #VU56379

Vulnerability risk: Medium

CVSSv3.1: 7 [CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-36179

CWE-ID: CWE-121

Exploitation vector: Local network

Exploit availability: No

Vulnerable software:
Fortinet FortiWeb
Server applications / Remote management servers, RDP, SSH

Vendor: Fortinet, Inc

Description

The vulnerability allows a remote authenticated user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the FortiWeb CLI when it handles the arguments of the `config backup` command. An authenticated user with CLI access can pass specially crafted arguments to trigger a stack-based buffer overflow and execute unauthorized code or commands with the privileges of the CLI process.
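The advisory names the weakness class (CWE-121) but not the code pattern behind it. The following is an added, illustrative example written for this page; it is not FortiWeb's code and is not derived from the vendor advisory. It shows a hypothetical CLI handler that copies a `config backup` argument into a fixed-size stack buffer the way CWE-121 bugs typically arise, beside a checked version that rejects overlong or malformed names before any copy happens. The buffer size, function names and character policy are assumptions made for the illustration.

```c
#include <stdio.h>
#include <string.h>
#include <ctype.h>

/* Size of the stack buffer that receives the backup name argument.
 * The figure is an assumption for this illustration, not a FortiWeb value. */
#define BACKUP_NAME_MAX 32

/* Vulnerable pattern (CWE-121): the argument is copied into a fixed-size
 * stack buffer with no length check, so an argument of BACKUP_NAME_MAX
 * bytes or more writes past name[] into whatever the compiler placed
 * above it on the stack.  Calling this with such an argument is undefined
 * behaviour; it exists here only to contrast with the checked version. */
int backup_name_vulnerable(const char *arg)
{
    char name[BACKUP_NAME_MAX];

    strcpy(name, arg);          /* unbounded copy: the overflow */
    return (int)strlen(name);   /* stand-in for "use the name" */
}

/* Hardened version: find the NUL within the destination size, reject an
 * empty name or one that leaves no room for the terminator, and restrict
 * the character set because the name later becomes part of a file name.
 * Returns 0 on success, -1 on rejection; never writes more than out_len. */
int backup_name_checked(const char *arg, char *out, size_t out_len)
{
    const char *end;
    size_t n;

    if (arg == NULL || out == NULL || out_len == 0)
        return -1;

    end = memchr(arg, '\0', out_len);   /* scan at most out_len bytes */
    if (end == NULL)                    /* no NUL in range: too long */
        return -1;
    n = (size_t)(end - arg);
    if (n == 0)                         /* empty name */
        return -1;

    for (size_t i = 0; i < n; i++) {
        unsigned char c = (unsigned char)arg[i];
        if (!isalnum(c) && c != '_' && c != '-' && c != '.')
            return -1;                  /* path separators etc. rejected */
    }

    memcpy(out, arg, n);
    out[n] = '\0';
    return 0;
}

/* Handler a CLI dispatcher would call with the raw argument string. */
int handle_config_backup(const char *arg)
{
    char name[BACKUP_NAME_MAX];

    if (backup_name_checked(arg, name, sizeof name) != 0) {
        fprintf(stderr, "config backup: invalid or overlong name\n");
        return -1;
    }
    printf("backing up configuration to '%s'\n", name);
    return 0;
}

int main(void)
{
    char longarg[128];                      /* constructed overlong input */
    memset(longarg, 'A', sizeof longarg - 1);
    longarg[sizeof longarg - 1] = '\0';

    handle_config_backup("nightly-2021-09");   /* accepted */
    handle_config_backup(longarg);             /* rejected, no overflow */
    handle_config_backup("../etc/passwd");     /* rejected: bad characters */
    return 0;
}
```

The check that matters is the one on the NUL position: `memchr` bounded by the destination size turns an unbounded `strcpy` into a decision made before a single byte is written, and the 31-byte limit (one less than the buffer) accounts for the terminator that the vulnerable copy forgets.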


Mitigation
Install updates from the vendor's website: upgrade to a release later than the affected ranges listed below. Until the upgrade is applied, restrict CLI access (SSH and console) to trusted administrators, since the flaw requires an authenticated CLI session.

Vulnerable software versions

Fortinet FortiWeb: 6.3.0 - 6.3.14, 6.2.0 - 6.2.4


External links
http://www.fortiguard.com/psirt/FG-IR-20-206


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user with CLI access via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.
