CVE-2021-42756

CRITICAL

FortiWeb <=6.4.x Unauthenticated Remote Code Execution via Crafted HTTP Requests

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-42756. PoCs published by 3ndorph1n.

AI-analyzed exploit summary This PoC exploits a stack-based buffer overflow in FortiWeb's proxy daemon (CVE-2021-42756) by sending a crafted HTTP POST request with an oversized payload to achieve remote code execution. The exploit uses ROP gadgets to bypass ASLR and execute a reverse shell.

Description

Multiple stack-based buffer overflow vulnerabilities [CWE-121] in the proxy daemon of FortiWeb 5.x all versions, 6.0.7 and below, 6.1.2 and below, 6.2.6 and below, 6.3.16 and below, 6.4 all versions may allow an unauthenticated remote attacker to achieve arbitrary code execution via specifically crafted HTTP requests.

Exploits (1)

nomisec WORKING POC
by 3ndorph1n · poc
https://github.com/3ndorph1n/CVE-2021-42756

This PoC exploits a stack-based buffer overflow in FortiWeb's proxy daemon (CVE-2021-42756) by sending a crafted HTTP POST request with an oversized payload to achieve remote code execution. The exploit uses ROP gadgets to bypass ASLR and execute a reverse shell.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: FortiWeb 5.x, 6.0.7 and below, 6.1.2 and below, 6.2.6 and below, 6.3.16 and below, 6.4 all versions
No auth needed
Prerequisites: MitB protection enabled on FortiWeb · Network access to the target · ASLR disabled or bypassed
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1
Core References

Scores

CVSS v3 9.8
EPSS 0.3640
EPSS Percentile 98.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact total

Details

CWE
CWE-121 CWE-787
Status published
Products (1)
fortinet/fortiweb 5.6.0 - 6.0.8
Published Feb 16, 2023
Tracked Since Feb 18, 2026