Vulnerabilities (CVE)

Filtered by vendor Fortinet Subscribe
Filtered by product Fortirecorder Firmware
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-22297 1 Fortinet 2 Fortirecorder Firmware, Fortiweb 2024-02-28 N/A 5.5 MEDIUM
An incomplete filtering of one or more instances of special elements vulnerability [CWE-792] in the command line interpreter of FortiWeb version 6.4.0 through 6.4.1, FortiWeb version 6.3.0 through 6.3.17, FortiWeb all versions 6.2, FortiWeb all versions 6.1, FortiWeb all versions 6.0, FortiRecorder version 6.4.0 through 6.4.3, FortiRecorder all versions 6.0, FortiRecorder all versions 2.7 may allow an authenticated user to read arbitrary files via specially crafted command arguments.
CVE-2022-41333 1 Fortinet 1 Fortirecorder Firmware 2024-02-28 N/A 7.5 HIGH
An uncontrolled resource consumption vulnerability [CWE-400] in FortiRecorder version 6.4.3 and below, 6.0.11 and below login authentication mechanism may allow an unauthenticated attacker to make the device unavailable via crafted GET requests.
CVE-2021-42755 1 Fortinet 5 Fortios, Fortiproxy, Fortirecorder Firmware and 2 more 2024-02-28 N/A 4.3 MEDIUM
An integer overflow / wraparound vulnerability [CWE-190] in FortiSwitch 7.0.2 and below, 6.4.9 and below, 6.2.x, 6.0.x; FortiRecorder 6.4.2 and below, 6.0.10 and below; FortiOS 7.0.2 and below, 6.4.8 and below, 6.2.10 and below, 6.0.x; FortiProxy 7.0.0, 2.0.6 and below, 1.2.x, 1.1.x, 1.0.x; FortiVoiceEnterprise 6.4.3 and below, 6.0.10 and below dhcpd daemon may allow an unauthenticated and network adjacent attacker to crash the dhcpd deamon, resulting in potential denial of service.
CVE-2021-42757 1 Fortinet 13 Fortiadc, Fortianalyzer, Fortimail and 10 more 2024-02-28 4.6 MEDIUM 6.7 MEDIUM
A buffer overflow [CWE-121] in the TFTP client library of FortiOS before 6.4.7 and FortiOS 7.0.0 through 7.0.2, may allow an authenticated local attacker to achieve arbitrary code execution via specially crafted command line arguments.
CVE-2019-6698 1 Fortinet 4 Fortirecorder 100d, Fortirecorder 200d, Fortirecorder 400d and 1 more 2024-02-28 7.5 HIGH 9.8 CRITICAL
Use of Hard-coded Credentials vulnerability in FortiRecorder all versions below 2.7.4 may allow an unauthenticated attacker with knowledge of the aforementioned credentials and network access to FortiCameras to take control of those, provided they are managed by a FortiRecorder device.