CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-21758

A stack-based buffer overflow in Fortinet FortiWeb versions 7.2.0 through 7.2.7, and 7.4.0 through 7.4.1 may allow a privileged user to execute arbitrary code via specially crafted CLI commands, provided the user is able to evade FortiWeb stack protections.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 4.1%

CVSS Severity

CVSS v3 Score 6.4

References

https://fortiguard.fortinet.com/psirt/FG-IR-23-458

Products affected by CVE-2024-21758

Fortinet » Fortiweb » Version: 7.2.0

cpe:2.3:a:fortinet:fortiweb:7.2.0
Fortinet » Fortiweb » Version: 7.2.1

cpe:2.3:a:fortinet:fortiweb:7.2.1
Fortinet » Fortiweb » Version: 7.2.2

cpe:2.3:a:fortinet:fortiweb:7.2.2
Fortinet » Fortiweb » Version: 7.2.3

cpe:2.3:a:fortinet:fortiweb:7.2.3
Fortinet » Fortiweb » Version: 7.2.4

cpe:2.3:a:fortinet:fortiweb:7.2.4
Fortinet » Fortiweb » Version: 7.2.5

cpe:2.3:a:fortinet:fortiweb:7.2.5
Fortinet » Fortiweb » Version: 7.2.6

cpe:2.3:a:fortinet:fortiweb:7.2.6
Fortinet » Fortiweb » Version: 7.2.7

cpe:2.3:a:fortinet:fortiweb:7.2.7
Fortinet » Fortiweb » Version: 7.4.0

cpe:2.3:a:fortinet:fortiweb:7.4.0
Fortinet » Fortiweb » Version: 7.4.1

cpe:2.3:a:fortinet:fortiweb:7.4.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-21758

Products

Pricing

Contact Us