PSIRT Advisories
FortiWeb - Double free in pipe management
Summary
A double free vulnerability (CWE-415) in FortiWeb CLI may allow an authenticated, local attacker to achieve arbitrary code execution via specifically crafted commands
Affected Products
FortiWeb version 7.0.0 through 7.0.3Solutions
Please upgrade to FortiWeb version 7.2.0 or abovePlease upgrade to FortiWeb version 7.0.4 or above