CVE-2021-42757
08.12.2021, 11:15
A buffer overflow [CWE-121] in the TFTP client library of FortiOS before 6.4.7 and FortiOS 7.0.0 through 7.0.2, may allow an authenticated local attacker to achieve arbitrary code execution via specially crafted command line arguments.Enginsight
| Vendor | Product | Version |
|---|---|---|
| fortinet | fortiadc | 5.0.0 ≤ 𝑥 ≤ 6.1.5 |
| fortinet | fortiadc | 6.2.0 ≤ 𝑥 ≤ 6.2.2 |
| fortinet | fortianalyzer | 6.0.0 ≤ 𝑥 ≤ 6.4.7 |
| fortinet | fortianalyzer | 7.0.0 ≤ 𝑥 ≤ 7.0.2 |
| fortinet | fortimail | 5.4.0 ≤ 𝑥 ≤ 6.2.7 |
| fortinet | fortimail | 6.4.0 ≤ 𝑥 ≤ 6.4.6 |
| fortinet | fortimail | 7.0.0 ≤ 𝑥 ≤ 7.0.2 |
| fortinet | fortimanager | 6.0.0 ≤ 𝑥 ≤ 6.4.7 |
| fortinet | fortimanager | 7.0.0 ≤ 𝑥 ≤ 7.0.2 |
| fortinet | fortindr | 1.1.0 ≤ 𝑥 ≤ 1.5.2 |
| fortinet | fortios-6k7k | 𝑥 ≤ 6.2.8 |
| fortinet | fortios-6k7k | 6.4.2 |
| fortinet | fortios-6k7k | 6.4.6 |
| fortinet | fortiportal | 5.0.0 ≤ 𝑥 ≤ 6.0.10 |
| fortinet | fortiproxy | 1.0.0 ≤ 𝑥 ≤ 2.0.7 |
| fortinet | fortiproxy | 7.0.0 |
| fortinet | fortiproxy | 7.0.1 |
| fortinet | fortivoice | 6.0.0 ≤ 𝑥 ≤ 6.0.10 |
| fortinet | fortivoice | 6.4.0 ≤ 𝑥 ≤ 6.4.4 |
| fortinet | fortiweb | 5.0.0 ≤ 𝑥 ≤ 6.3.16 |
| fortinet | fortiweb | 6.4.0 |
| fortinet | fortiweb | 6.4.1 |
| fortinet | fortios | 5.0.0 ≤ 𝑥 ≤ 6.0.13 |
| fortinet | fortios | 6.2.0 ≤ 𝑥 ≤ 6.2.9 |
| fortinet | fortios | 6.4.0 ≤ 𝑥 ≤ 6.4.7 |
| fortinet | fortios | 7.0.0 ≤ 𝑥 ≤ 7.0.2 |
| fortinet | fortirecorder_firmware | 2.6.0 ≤ 𝑥 ≤ 6.0.10 |
| fortinet | fortirecorder_firmware | 6.4.0 ≤ 𝑥 ≤ 6.4.2 |
| fortinet | fortiswitch | 6.0.0 ≤ 𝑥 ≤ 6.4.9 |
| fortinet | fortiswitch | 7.0.0 ≤ 𝑥 ≤ 7.0.3 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration