← back
CVE-2020-29018

CVE-2020-29018

EPSS 2.0%
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 2.0%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
14 Jan 2021Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A format string vulnerability in FortiWeb 6.3.0 through 6.3.5 may allow an authenticated, remote attacker to read the content of memory and retrieve sensitive data via the redir parameter.
Affected products
Fortinet · Fortinet FortiWeb

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.fortiguard.com/psirt/FG-IR-20-123