CVE-2026-30897

A stack-based buffer overflow vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.3, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4.0 through 7.4.11, FortiWeb 7.2 all versions, FortiWeb 7.0 all versions may allow a remote authenticated attacker who can bypass stack protection and ASLR to execute arbitrary code or commands via crafted HTTP requests.

CVSS v3 6.6 MEDIUM

6.6^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 0.7 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://fortiguard.fortinet.com/psirt/FG-IR-26-093	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:fortinet:fortiweb::::::::
	cpe:2.3:a:fortinet:fortiweb::::::::
	cpe:2.3:a:fortinet:fortiweb::::::::

History

12 Mar 2026, 17:10

Type	Values Removed	Values Added
Summary		(es) Una vulnerabilidad de desbordamiento de búfer basado en pila en Fortinet FortiWeb 8.0.0 hasta 8.0.3, FortiWeb 7.6.0 hasta 7.6.6, FortiWeb 7.4.0 hasta 7.4.11, FortiWeb 7.2 todas las versiones, FortiWeb 7.0 todas las versiones puede permitir a un atacante remoto autenticado que puede eludir la protección de pila y ASLR ejecutar código o comandos arbitrarios mediante solicitudes HTTP manipuladas.
CPE		cpe:2.3:a:fortinet:fortiweb::::::::
References	~~() https://fortiguard.fortinet.com/psirt/FG-IR-26-093 -~~	() https://fortiguard.fortinet.com/psirt/FG-IR-26-093 - Vendor Advisory
First Time		Fortinet Fortinet fortiweb

10 Mar 2026, 18:18

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-03-10 18:18

Updated : 2026-03-12 17:10

NVD link : CVE-2026-30897

Mitre link : CVE-2026-30897

CVE.ORG link : CVE-2026-30897

JSON object : View

Products Affected

fortinet

fortiweb

CWE

CWE-121

Stack-based Buffer Overflow

{"id": "CVE-2026-30897", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "psirt@fortinet.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.6, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 0.7}]}, "published": "2026-03-10T18:18:51.227", "references": [{"url": "https://fortiguard.fortinet.com/psirt/FG-IR-26-093", "tags": ["Vendor Advisory"], "source": "psirt@fortinet.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "psirt@fortinet.com", "description": [{"lang": "en", "value": "CWE-121"}]}], "descriptions": [{"lang": "en", "value": "A stack-based buffer overflow vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.3, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4.0 through 7.4.11, FortiWeb 7.2 all versions, FortiWeb 7.0 all versions may allow a remote authenticated attacker who can bypass stack protection and ASLR to execute arbitrary code or commands via crafted HTTP requests."}, {"lang": "es", "value": "Una vulnerabilidad de desbordamiento de b\u00fafer basado en pila en Fortinet FortiWeb 8.0.0 hasta 8.0.3, FortiWeb 7.6.0 hasta 7.6.6, FortiWeb 7.4.0 hasta 7.4.11, FortiWeb 7.2 todas las versiones, FortiWeb 7.0 todas las versiones puede permitir a un atacante remoto autenticado que puede eludir la protecci\u00f3n de pila y ASLR ejecutar c\u00f3digo o comandos arbitrarios mediante solicitudes HTTP manipuladas."}], "lastModified": "2026-03-12T17:10:03.650", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "315AEB16-B28E-4D45-B4A8-0D4CAB31F6F5", "versionEndExcluding": "7.4.12", "versionStartIncluding": "7.0.0"}, {"criteria": "cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "15C9CDE3-FE6F-4946-A3DC-FDD7A5F99D65", "versionEndExcluding": "7.6.7", "versionStartIncluding": "7.6.0"}, {"criteria": "cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9C922491-BA4C-48DF-8697-8FE742FDA39B", "versionEndExcluding": "8.0.4", "versionStartIncluding": "8.0.0"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@fortinet.com"}