FortiOS HTTPD is vulnerable to a Stack-based Buffer Overflow vulnerability
A Stack-based Buffer Overflow vulnerability in the HTTPD daemon of FortiOS may allow an authenticated remote attacker to crash the service by sending a malformed PUT request to the server.
Fortinet is not aware of any successful exploitation of this vulnerability that would lead to code execution.
FortiOS versions 6.0.10 and below.
FortiOS versions 6.2.2 and below.
Please upgrade to FortiGate version 6.0.11 or above.
Please upgrade to FortiGate version 6.2.3 or above.
Please upgrade to FortiGate version 6.4.0 or above.