Fortinet: >> Fortios >> 6.4.1 Security Vulnerabilities
A buffer underwrite vulnerability in the firmware verification routine of FortiOS before 7.0.1 may allow an attacker located in the adjacent network to potentially execute arbitrary code via a specifically crafted firmware image.
CVSS Score
4.3
EPSS Score
0.001
Published
2021-08-04
An improper following of a certificate's chain of trust vulnerability in FortiGate versions 6.4.0 to 6.4.4 may allow an LDAP user to connect to SSLVPN with any certificate that is signed by a trusted Certificate Authority.
CVSS Score
6.5
EPSS Score
0.002
Published
2021-06-02
When traffic other than HTTP/S (eg: SSH traffic, etc...) traverses the FortiGate in version below 6.2.5 and below 6.4.2 on port 80/443, it is not redirected to the transparent proxy policy for processing, as it doesn't have a valid HTTP header.
CVSS Score
4.0
EPSS Score
0.004
Published
2021-03-04
Page 14