Vulnerabilities > Fortinet > Fortios > 6.4.7

DATE CVE VULNERABILITY TITLE RISK
2021-12-13 CVE-2021-36169 Unspecified vulnerability in Fortinet Fortios
A Hidden Functionality in Fortinet FortiOS 7.x before 7.0.1, FortiOS 6.4.x before 6.4.7 allows attacker to Execute unauthorized code or commands via specific hex read/write operations.
local
low complexity
fortinet
6.0
2021-12-08 CVE-2021-42757 Out-of-bounds Write vulnerability in Fortinet products
A buffer overflow [CWE-121] in the TFTP client library of FortiOS before 6.4.7 and FortiOS 7.0.0 through 7.0.2, may allow an authenticated local attacker to achieve arbitrary code execution via specially crafted command line arguments.
local
low complexity
fortinet CWE-787
6.7
2021-11-17 CVE-2021-32600 Information Exposure vulnerability in Fortinet Fortios
An exposure of sensitive information to an unauthorized actor vulnerability in FortiOS CLI 7.0.0, 6.4.0 through 6.4.6, 6.2.0 through 6.2.9, 6.0.x and 5.6.x may allow a local and authenticated user assigned to a specific VDOM to retrieve other VDOMs information such as the admin account list and the network interface list.
local
low complexity
fortinet CWE-200
3.8
2021-08-04 CVE-2021-24018 Out-of-bounds Write vulnerability in Fortinet Fortios
A buffer underwrite vulnerability in the firmware verification routine of FortiOS before 7.0.1 may allow an attacker located in the adjacent network to potentially execute arbitrary code via a specifically crafted firmware image.
low complexity
fortinet CWE-787
8.8