← back
CVE-2020-29016

CVE-2020-29016

EPSS 3.3%
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 3.3%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
14 Jan 2021Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A stack-based buffer overflow vulnerability in FortiWeb 6.3.0 through 6.3.5 and version before 6.2.4 may allow an unauthenticated, remote attacker to overwrite the content of the stack and potentially execute arbitrary code by sending a crafted request with a large certname.
Affected products
Fortinet · Fortinet FortiWeb

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.fortiguard.com/psirt/FG-IR-20-125