A buffer overflow [CWE-121] in the TFTP client library of FortiOS prior to 6.4.7 and FortiOS 7.0.0 up to and including 7.0.2, may allow an authenticated local malicious user to achieve arbitrary code execution via specially crafted command line arguments.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
fortinet fortiweb 6.4.0 |
||
fortinet fortios |
||
fortinet fortiweb 6.4.1 |
||
fortinet fortiproxy 7.0.0 |
||
fortinet fortimanager |
||
fortinet fortianalyzer |
||
fortinet fortiproxy 7.0.1 |
||
fortinet fortimail |
||
fortinet fortios-6k7k 6.4.6 |
||
fortinet fortios-6k7k 6.4.2 |
||
fortinet fortiweb |
||
fortinet fortiproxy |
||
fortinet fortindr |
||
fortinet fortiswitch |
||
fortinet fortirecorder firmware |
||
fortinet fortios-6k7k |
||
fortinet fortiadc |
||
fortinet fortiportal |
||
fortinet fortivoice |
Vulmon