PSIRT Advisories
FortiWeb - format string vulnerability in the CLI
Summary
A format string vulnerability [CWE-134] in the command line interpreter of FortiWeb may allow an authenticated user to execute unauthorized code or commands via specially crafted command arguments.
Affected Products
FortiWeb version 7.0.0 through 7.0.1FortiWeb 6.4 all versions