Fortinet FortiRecorder Firmware 2.7.7

CPE Details

Fortinet FortiRecorder Firmware 2.7.7
fortinet
fortirecorder_firmware
2.7.7
2023-03-13
10h03 +00:00
2023-03-13
10h04 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:o:fortinet:fortirecorder_firmware:2.7.7:*:*:*:*:*:*:*

Informations

Vendor

fortinet

Product

fortirecorder_firmware

Version

2.7.7

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2022-22297 2023-03-07 16h04 +00:00 An incomplete filtering of one or more instances of special elements vulnerability [CWE-792] in the command line interpreter of FortiWeb version 6.4.0 through 6.4.1, FortiWeb version 6.3.0 through 6.3.17, FortiWeb all versions 6.2, FortiWeb all versions 6.1, FortiWeb all versions 6.0, FortiRecorder version 6.4.0 through 6.4.3, FortiRecorder all versions 6.0, FortiRecorder all versions 2.7 may allow an authenticated user to read arbitrary files via specially crafted command arguments.
5.5
Medium
CVE-2021-42757 2021-12-08 10h01 +00:00 A buffer overflow [CWE-121] in the TFTP client library of FortiOS before 6.4.7 and FortiOS 7.0.0 through 7.0.2, may allow an authenticated local attacker to achieve arbitrary code execution via specially crafted command line arguments.
6.7
Medium
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.