CVE-2021-42757
Description
A buffer overflow [CWE-121] in the TFTP client library of FortiOS before 6.4.7 and FortiOS 7.0.0 through 7.0.2, may allow an authenticated local attacker to achieve arbitrary code execution via specially crafted command line arguments.
Risk Information
Base Score
6.7
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.073
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Out-of-bounds Write Vulnerability (CVE-2021-42757) | NCM |
| CVE-2021-42757 | NCM |
| Buffer Copy without Checking Size of Input (Classic Buffer Overflow) Vulnerability (CVE-2021-42757) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234