VDB
CISA-2025-32766
CISA-2025-32766
PUBLISHED
CVSS 6.3 MEDIUM
Reported by fortinet · Published August 12, 2025
A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiWeb CLI version 7.6.0 through 7.6.3 and before 7.4.8 allows a privileged attacker to execute arbitrary code or commands via crafted CLI commands
Risk Scores
CVSS 3.1
6.3
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:X/RC:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Fortinet | FortiWeb | 7.6.0, 7.4.1 |
| Fortinet | FortiWeb | 7.6.0, 7.4.1, 7.4.1 |
Timeline
- Aug 12, 2025 CVE Published
- Feb 26, 2026 CVE Updated