How severe is CVE-2021-44168?

CVE-2021-44168 has a CVSS v3 score of 3.3 (LOW).

CVE-2021-44168

Name: fortios
Author: fortinet

3.3LOW

A download of code without integrity check vulnerability in the "execute restore src-vis" command of FortiOS before 7.0.3 may allow a local authenticated attacker to download arbitrary files on the de

发布于: 1/4/2022更新于: 10/24/2025

CISA已知被利用漏洞

Fortinet FortiOS "execute restore src-vis" downloads code without integrity checking, allowing an attacker to arbitrarily download files.

所需操作:

Apply updates per vendor instructions.

截止日期:

2021-12-24

描述

A download of code without integrity check vulnerability in the "execute restore src-vis" command of FortiOS before 7.0.3 may allow a local authenticated attacker to download arbitrary files on the device via specially crafted update packages.

AI分析AI驱动

受影响产品

fortinetfortios

参考资料

https://fortiguard.com/psirt/FG-IR-21-201
Vendor Advisory
https://fortiguard.com/psirt/FG-IR-21-201
Vendor Advisory
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-44168
US Government Resource