Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2016-6909

CWE-119Buffer Overflow5 documents5 sources
Severity
9.8CRITICAL
EPSS
63.4%
top 1.59%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Fortinet FortiosFortinet Fortiswitch
Timeline
PublishedAug 24
Latest updateMay 14

Description

Buffer overflow in the Cookie parser in Fortinet FortiOS 4.x before 4.1.11, 4.2.x before 4.2.13, and 4.3.x before 4.3.9 and FortiSwitch before 3.4.3 allows remote attackers to execute arbitrary code via a crafted HTTP request, aka EGREGIOUSBLUNDER.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

NVDfortinet/fortios4.1.04.1.11+2

🔴Vulnerability Details

3
GHSA
GHSA-f3wq-8j4r-5p8m: Buffer overflow in the Cookie parser in Fortinet FortiOS 42022-05-14
CVEList
CVE-2016-6909: Buffer overflow in the Cookie parser in Fortinet FortiOS 42016-08-24
VulnCheck
Fortinet FortiOS Improper Restriction of Operations within the Bounds of a Memory Buffer2016

💥Exploits & PoCs

1
Exploit-DB
Fortigate Firewalls - 'EGREGIOUSBLUNDER' Remote Code Execution2016-08-19
CVE-2016-6909 (CRITICAL CVSS 9.8) | Buffer overflow in the Cookie parse | cvebase.io