Fortinet: >> Fortiweb >> 7.0.2 Security Vulnerabilities
A relative path traversal in Fortinet FortiWeb version 7.0.0 through 7.0.2, FortiWeb version 6.3.6 through 6.3.20, FortiWeb 6.4 all versions allows attacker to information disclosure via specially crafted web requests.
CVSS Score
5.7
EPSS Score
0.003
Published
2023-02-16
A double free in Fortinet FortiWeb version 7.0.0 through 7.0.3 may allows attacker to execute unauthorized code or commands via specially crafted commands
CVSS Score
7.8
EPSS Score
0.001
Published
2023-02-16
An improper neutralization of CRLF sequences in HTTP headers ('HTTP Response Splitting') vulnerability [CWE-113] In FortiWeb version 7.0.0 through 7.0.2, FortiWeb version 6.4.0 through 6.4.2, FortiWeb version 6.3.6 through 6.3.20 may allow an authenticated and remote attackerĀ to inject arbitrary headers.
CVSS Score
5.4
EPSS Score
0.003
Published
2023-01-03
Page 5