PULSE
LIVE18signals / 24h
FEED
ransomthegentlemen reclama a Military Sealift Command · US · Transportation/Logisticsransomthegentlemen reclama a Advantage Home Health Care · US · Healthcareransomthegentlemen reclama a Sunway Scientific · TW · Manufacturingransomqilin reclama a Cafar · AR · Agriculture and Food Productionransominterlock reclama a Centre for Newcomers · CA · Public Sectorransominterlock reclama a Paragon Store Fixtures · US · Manufacturingransomakira reclama a Westcoast Communication Services · Telecommunicationransomakira reclama a Nesco Bus Maintenance · Transportation/Logisticsransomm3rx reclama a suppcentersa.com · ZA · Business Servicesransomm3rx reclama a arambol.co.uk · GB · Not Foundransomincransom reclama a Kyokuto Kaihatsu Kogyo · JP · Manufacturingransomnova reclama a Phi · Not Foundransomnova reclama a Digipro · Technologyransomnova reclama a Integrated Marketing Services · Business Servicesransomthegentlemen reclama a Military Sealift Command · US · Transportation/Logisticsransomthegentlemen reclama a Advantage Home Health Care · US · Healthcareransomthegentlemen reclama a Sunway Scientific · TW · Manufacturingransomqilin reclama a Cafar · AR · Agriculture and Food Productionransominterlock reclama a Centre for Newcomers · CA · Public Sectorransominterlock reclama a Paragon Store Fixtures · US · Manufacturingransomakira reclama a Westcoast Communication Services · Telecommunicationransomakira reclama a Nesco Bus Maintenance · Transportation/Logisticsransomm3rx reclama a suppcentersa.com · ZA · Business Servicesransomm3rx reclama a arambol.co.uk · GB · Not Foundransomincransom reclama a Kyokuto Kaihatsu Kogyo · JP · Manufacturingransomnova reclama a Phi · Not Foundransomnova reclama a Digipro · Technologyransomnova reclama a Integrated Marketing Services · Business Services
← All CVEs
CVE Watch

CVE-2021-44168

Fortinet FortiOS Arbitrary File Download

CVSS

No CVSS

EPSS

0.9%

p55

KEV

YES

Dec 10, 2021

Exploit Today

66

0-100

Published: · Last modified:

EPSS · 30d
0.9%EPSS · 30 days0.9%
2026-06-302026-07-17
KEV catalog record

Product

Fortinet / FortiOS

Vulnerability

Fortinet FortiOS Arbitrary File Download

Added to KEV

Dec 10, 2021

Remediate by

Dec 24, 2021

Known ransomware use

No

Summary description

Fortinet FortiOS "execute restore src-vis" downloads code without integrity checking, allowing an attacker to arbitrarily download files.

Required action

Apply updates per vendor instructions.

Notes

https://nvd.nist.gov/vuln/detail/CVE-2021-44168

Related CVEs
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2018-13379
100.0%
KEV80Fortinet FortiOS SSL VPN Path Traversal Vulnerability
CVE-2022-42475
99.9%
KEV80Fortinet FortiOS Heap-Based Buffer Overflow Vulnerability
CVE-2024-21762
99.7%
KEV80Fortinet FortiOS Out-of-Bound Write Vulnerability
CVE-2020-12812
98.8%
KEV80Fortinet FortiOS SSL VPN Improper Authentication Vulnerability
CVE-2019-5591
96.9%
KEV79Fortinet FortiOS Default Configuration Vulnerability
CVE-2022-41328
95.7%
KEV79Fortinet FortiOS Path Traversal Vulnerability