VYPR
Unrated severityNVD Advisory· Published Dec 8, 2021· Updated Oct 25, 2024

CVE-2021-36180

CVE-2021-36180

Description

Multiple improper neutralization of special elements used in a command vulnerabilities [CWE-77] in FortiWeb management interface 6.4.1 and below, 6.3.15 and below, 6.2.5 and below may allow an authenticated attacker to execute unauthorized code or commands via crafted parameters of HTTP requests.

Affected products

2
  • Fortinet/Fortiwebllm-fuzzy2 versions
    <=6.4.1+ 1 more
    • (no CPE)range: <=6.4.1
    • (no CPE)range: FortiWeb 6.4.1 and below, 6.3.15 and below, 6.2.5 and below

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.