CVE-2021-26105

High

A stack-based buffer overflow vulnerability (CWE-121) in the profile parser of FortiSandbox version 3.2.2 and below, version 3.1.4 and…

fortinet·CWE-358·Published 2025-03-24

CVSS

8.8

EPSS

0.00

KEV

Exploits

cve.orgen

269 chars

A stack-based buffer overflow vulnerability (CWE-121) in the profile parser of FortiSandbox version 3.2.2 and below, version 3.1.4 and below may allow an authenticated attacker to potentially execute unauthorized code or commands via specifically crafted HTTP requests.

NVDen

269 chars

NVDes

327 chars

Una vulnerabilidad de desbordamiento de búfer basada en pila (CWE-121) en el analizador de perfiles de FortiSandbox versión 3.2.2 y anteriores, versión 3.1.4 y anteriores puede permitir que un atacante autenticado potencialmente ejecute código o comandos no autorizados a través de solicitudes HTTP específicamente manipuladas.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	NVD	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
3.1	Primary	cve.org	6.4	—	—	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H/E:P/RL:X/RC:X