CVE-2021-26105
MEDIUMDescription
A stack-based buffer overflow vulnerability (CWE-121) in the profile parser of FortiSandbox version 3.2.2 and below, version 3.1.4 and below may allow an authenticated attacker to potentially execute unauthorized code or commands via specifically crafted HTTP requests.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| fortinet | fortisandbox |
| fortinet | fortisandbox |
| fortinet | fortisandbox |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2021-26105? +
How severe is CVE-2021-26105? +
What products are affected by CVE-2021-26105? +
How do I check if I'm vulnerable to CVE-2021-26105? +
Related Vulnerabilities
Backpropagate is a Python library for fine-tuning large language models on a single GPU. In versions 1.1.0 and 1.1.1, the …
Mantis Bug Tracker (MantisBT) is an open source issue tracker. In versions 2.28.1 and below, given any pre-existing XSS / …
DVP80ES3 with Improperly Implemented Security Check for Standard vulnerability.
The Client secret is not checked when using the OAuth Password grant type. By exploiting this vulnerability, an attacker could …
In liboauth2 the Demonstrating Proof-of-Possession (DPoP) verifier accepts a proof whose JSON Web Key (jwk) header contains private key material. …
Whale Browser before 4.33.325.17 allows an attacker to escape the iframe sandbox in a dual-tab environment.