← back
CVE-2016-6909observed exploitation

CVE-2016-6909

57Vexday Risk Score

Prioritize patching. It exploitation observed by VulnCheck and has a public proof of concept.

ssvc Actepss 50%
from disclosure to weapon0 days
Published on NVDAug 24
1st PoCAug 19
VulnCheck+35d
exploitation probability
50%top 1% of all CVEs
observed exploitation
yesVulnCheck
3 public exploit(s)
Buffer overflow in the Cookie parser in Fortinet FortiOS 4.x before 4.1.11, 4.2.x before 4.2.13, and 4.3.x before 4.3.9 and FortiSwitch before 3.4.3 allows remote attackers to execute arbitrary code via a crafted HTTP request, aka EGREGIOUSBLUNDER.
Affected products
n/a · n/a
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.