A download of code without integrity check vulnerability in the "execute restore src-vis" command of FortiOS before 7.0.3 may allow a local authenticated attacker to download arbitrary files on the device via specially crafted update packages.

Related CVEs

CVE-2021-44168

Key Information

GHSA ID

GHSA-689x-phc2-9p4m

Published

January 5, 2022 12:00 AM

Last Modified

October 23, 2024 12:31 AM

CVSS Score

7.5 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: June 18, 2025 6:25 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.