VYPR
Unrated severityNVD Advisory· Published Feb 2, 2022· Updated Jan 13, 2026

CVE-2021-36193

CVE-2021-36193

Description

Multiple stack-based buffer overflows in the command line interpreter of FortiWeb before 6.4.2 may allow an authenticated attacker to achieve arbitrary code execution via specially crafted commands.

Affected products

11
  • cpe:2.3:a:fortinet:fortimail:7.0.2:*:*:*:*:*:*:*
    Range: 7.0.0
  • cpe:2.3:a:fortinet:fortindr:1.5.3:*:*:*:*:*:*:*
    Range: 1.5.0
  • cpe:2.3:a:fortinet:fortirecorder:6.4.2:*:*:*:*:*:*:*
    Range: 6.4.0
  • cpe:2.3:a:fortinet:fortivoice:6.4.4:*:*:*:*:*:*:*
    Range: 6.4.0
  • Fortinet/Fortiwebv52 versions
    cpe:2.3:a:fortinet:fortiweb:6.4.1:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:fortinet:fortiweb:6.4.1:*:*:*:*:*:*:*range: 6.4.0
    • (no CPE)range: <6.4.2
  • cpe:2.3:h:fortinet:fortiadc:7.0.0:*:*:*:*:*:*:*
    Range: 7.0.0
  • Fortinet/Fortiddos Fcpe-rescue3 versions
    cpe:2.3:o:fortinet:fortiddos:5.7.0:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:o:fortinet:fortiddos:5.7.0:*:*:*:*:*:*:*range: 5.7.0
    • cpe:2.3:o:fortinet:fortiddos-f:6.3.0:*:*:*:*:*:*:*range: 6.3.0
    • (no CPE)range: 5.5.0
  • Range: 3.0.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.