CVE-2021-44168
Fortinet FortiOS Arbitrary File Download
CVSS
—
No CVSS
EPSS
0.9%
p55
KEV
YES
Dec 10, 2021
Exploit Today
66
0-100
Published: — · Last modified: —
0.9%EPSS · 30 days0.9%
2026-06-302026-07-17
Product
Fortinet / FortiOS
Vulnerability
Fortinet FortiOS Arbitrary File Download
Added to KEV
Dec 10, 2021
Remediate by
Dec 24, 2021
Known ransomware use
No
Summary description
Fortinet FortiOS "execute restore src-vis" downloads code without integrity checking, allowing an attacker to arbitrarily download files.
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-44168
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2018-13379—100.0%
KEV—80Fortinet FortiOS SSL VPN Path Traversal Vulnerability—CVE-2022-42475—99.9%
KEV—80Fortinet FortiOS Heap-Based Buffer Overflow Vulnerability—CVE-2024-21762—99.7%
KEV—80Fortinet FortiOS Out-of-Bound Write Vulnerability—CVE-2020-12812—98.8%
KEV—80Fortinet FortiOS SSL VPN Improper Authentication Vulnerability—CVE-2019-5591—96.9%
KEV—79Fortinet FortiOS Default Configuration Vulnerability—CVE-2022-41328—95.7%
KEV—79Fortinet FortiOS Path Traversal Vulnerability—