CVE-2021-43072

CVE Database · CVE-2021-43072

CVE-2021-43072

· MEDIUMModified

CVSS v3.1

6.7

EPSS

0.18%

Published

Jul 18, 2023

Modified

Nov 21, 2024

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A buffer copy without checking size of input ('classic buffer overflow') in Fortinet FortiAnalyzer version 7.0.2 and below, version 6.4.7 and below, version 6.2.9 and below, version 6.0.11 and below, version 5.6.11 and below, FortiManager version 7.0.2 and below, version 6.4.7 and below, version 6.2.9 and below, version 6.0.11 and below, version 5.6.11 and below, FortiOS version 7.0.0 through 7.0.4, 6.4.0 through 6.4.8, 6.2.0 through 6.2.10, 6.0.x and FortiProxy version 7.0.0 through 7.0.3, 2.0.0 through 2.0.8, 1.2.x, 1.1.x and 1.0.x allows attacker to execute unauthorized code or commands via crafted CLI `execute restore image` and `execute certificate remote` operations with the tFTP protocol.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-120CWE-120

Affected Products (9)

fortinet · fortianalyzer (up to 6.4.8)vulnerable

fortinet · fortianalyzer (up to 7.0.3)vulnerable

fortinet · fortimanager (up to 6.4.8)vulnerable

fortinet · fortimanager (up to 7.0.3)vulnerable

fortinet · fortiproxy (up to 2.0.9)vulnerable

fortinet · fortiproxy (up to 7.0.4)vulnerable

fortinet · fortios (up to 6.2.11)vulnerable