Description
An out-of-bounds write vulnerability [CWE-787] in Fortinet FortiWeb 8.0.0 through 8.0.3, FortiWeb 7.6.0 through 7.6.6, and FortiWeb 7.4.0 through 7.4.11 may allow a remote privileged attacker to execute arbitrary code or commands via crafted HTTP requests.
Published: 2026-04-14
Score: 6.7 (Medium)
EPSS: < 1% (Very Low)
KEV: No
Impact: Remote Code Execution
Action: Patch
AI Analysis

Impact

An out-of-bounds write flaw exists in Fortinet FortiWeb firmware versions 8.0.0 through 8.0.3, 7.6.0 through 7.6.6, and 7.4.0 through 7.4.11. A privileged attacker can send specially crafted HTTP requests that trigger memory corruption, allowing remote execution of arbitrary code or system commands. The flaw compromises the confidentiality, integrity and availability of the affected web application firewall and can give an attacker full control over the appliance.

Affected Systems

Fortinet FortiWeb devices running versions 8.0.0 through 8.0.3, 7.6.0 through 7.6.6, and 7.4.0 through 7.4.11 are affected. The product is a web application firewall released by Fortinet.

Risk and Exploitability

The CVSS base score is 6.7, indicating moderate severity. No publicly published EPSS score is available, and the vulnerability is not listed in the CISA KEV catalog. The attack vector is not explicitly specified in the advisory; based on the nature of the flaw, the likely vector is requests processed by the FortiWeb appliance, which suggests remote exploitation through network traffic directed at the device.

Generated by OpenCVE AI on April 15, 2026 at 10:27 UTC.

Remediation

Vendor Solution

Upgrade to FortiWeb version 8.0.4 or above
Upgrade to FortiWeb version 7.6.7 or above
Upgrade to FortiWeb version 7.4.12 or above


OpenCVE Recommended Actions

  • Upgrade FortiWeb to version 8.0.4 or newer
  • Upgrade FortiWeb to version 7.6.7 or newer
  • Upgrade FortiWeb to version 7.4.12 or newer

Generated by OpenCVE AI on April 15, 2026 at 10:27 UTC.


Advisories

No advisories yet.

History

Wed, 15 Apr 2026 17:15:00 +0000

Type: Metrics (ssvc)
Values added:
{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Wed, 15 Apr 2026 14:45:00 +0000

Type: Title
Values added: Out-of-Bounds Write Allowing Remote Code Execution in Fortinet FortiWeb

Wed, 15 Apr 2026 09:00:00 +0000

Type: Description
Values removed: A out-of-bounds write vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.3, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4.0 through 7.4.11 may allow attacker to execute unauthorized code or commands via <insert attack vector here>
Values added: An out-of-bounds write vulnerability [CWE-787] vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.3, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4.0 through 7.4.11 may allow a remote privileged attacker to execute arbitrary code or command via crafted HTTP requests.

Tue, 14 Apr 2026 23:00:00 +0000

Type: Description
Values added: A out-of-bounds write vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.3, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4.0 through 7.4.11 may allow attacker to execute unauthorized code or commands via <insert attack vector here>
Type: First Time appeared
Values added: Fortinet, Fortinet fortiweb
Type: Weaknesses
Values added: CWE-787
Type: CPEs
Values added: 23 cpe:2.3:a:fortinet:fortiweb entries, one per affected version
Type: Vendors & Products
Values added: Fortinet, Fortinet fortiweb
Type: References (no values recorded)
Type: Metrics (cvssV3_1)
Values added:
{'score': 6.7, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C'}


MITRE

Status: PUBLISHED

Assigner: fortinet

Published:

Updated: 2026-04-15T16:14:11.555Z

Reserved: 2026-04-14T22:32:07.399Z

Link: CVE-2026-40688

Vulnrichment

Updated: 2026-04-15T16:12:13.048Z

NVD

Status: Received

Published: 2026-04-14T23:16:29.633

Modified: 2026-04-15T09:16:32.413

Link: CVE-2026-40688

Red Hat

No data.

OpenCVE Enrichment

Updated: 2026-04-15T14:31:57Z

Weaknesses