CVE-2026-30897

Name of the Vulnerable Software and Affected Versions Fortinet FortiWeb versions 7.0 through 7.2 Fortinet FortiWeb versions 7.4.0 through 7.4.11 Fortinet FortiWeb versions 7.6.0 through 7.6.6 Fortinet FortiWeb versions 8.0.0 through 8.0.3

Description A stack-based buffer overflow exists in Fortinet FortiWeb. Successful exploitation may allow a remote authenticated attacker to bypass stack protection and Address Space Layout Randomization (ASLR) and execute arbitrary code or commands via crafted HTTP requests. The vulnerability is triggered by specially crafted HTTP requests that cause a buffer overflow on the stack.

Recommendations FortiWeb versions 7.0: At the moment, there is no information about a newer version that contains a fix for this vulnerability. FortiWeb versions 7.2: At the moment, there is no information about a newer version that contains a fix for this vulnerability. FortiWeb versions 7.4.0 through 7.4.11: At the moment, there is no information about a newer version that contains a fix for this vulnerability. FortiWeb versions 7.6.0 through 7.6.6: At the moment, there is no information about a newer version that contains a fix for this vulnerability. FortiWeb versions 8.0.0 through 8.0.3: At the moment, there is no information about a newer version that contains a fix for this vulnerability.