Unrated severityNVD Advisory· Published Feb 2, 2022· Updated Jan 13, 2026

CVE-2021-36193

Description

Multiple stack-based buffer overflows in the command line interpreter of FortiWeb before 6.4.2 may allow an authenticated attacker to achieve arbitrary code execution via specially crafted commands.

Affected products

Fortinet/Fortimailv5
cpe:2.3:a:fortinet:fortimail:7.0.2:*:*:*:*:*:*:*
Range: 7.0.0
Fortinet/Fortindrv5
cpe:2.3:a:fortinet:fortindr:1.5.3:*:*:*:*:*:*:*
Range: 1.5.0
Fortinet/FortiRecorderv5
cpe:2.3:a:fortinet:fortirecorder:6.4.2:*:*:*:*:*:*:*
Range: 6.4.0
Fortinet/Fortivoicev5
cpe:2.3:a:fortinet:fortivoice:6.4.4:*:*:*:*:*:*:*
Range: 6.4.0
Fortinet/Fortiwebv5
cpe:2.3:a:fortinet:fortiweb:6.4.1:*:*:*:*:*:*:*
Range: 6.4.0
Fortinet/FortiADCv5
cpe:2.3:h:fortinet:fortiadc:7.0.0:*:*:*:*:*:*:*
Range: 7.0.0
Fortinet/FortiDDoSv5
cpe:2.3:o:fortinet:fortiddos:5.7.0:*:*:*:*:*:*:*
Range: 5.7.0
Fortinet/Fortiddos Fv5
cpe:2.3:o:fortinet:fortiddos-f:6.3.0:*:*:*:*:*:*:*
Range: 6.3.0
Fortinet/FortiDDoS-CMv5
Range: 5.5.0
Fortinet/FortiFonev5
Range: 3.0.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

fortiguard.com/advisory/FG-IR-21-132mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000