PSIRT Advisories

FortiOS - Buffer overflow in TFTP client library of CLI


A buffer overflow [CWE-121] in the TFTP client library of FortiOS, may allow an authenticated local attacker to achieve arbitrary code execution via specially crafted command line arguments.

Affected Products

FortiOS versions 6.0.13 and below,
FortiOS versions 6.2.9 and below,
FortiOS versions 6.4.7 and below,
FortiOS versions 7.0.2 and below.

FortiOS-6K7K 6.4.6 and 6.4.2.
FortiOS-6K7K 6.2.8 and below.

FortiWeb version 5.9.1 and below.
FortiWeb version 6.0.7 and below.
FortiWeb version 6.1.2 and below.
FortiWeb version 6.2.6 and below.
FortiWeb version 6.3.16 and below.
FortiWeb versions 6.4.1 and 6.4.0


Upgrade to FortiOS 7.0.3 or above,
Upgrade to FortiOS 6.4.8 or above,
Upgrade to FortiOS 6.2.10 or above,
Upgrade to FortiOS 6.0.14 or above.

Upgrade to FortiOS-6K7K 6.2.9 or above.

Upgrade to FortiWeb 6.4.2 or above,
Upgrade to FortiWeb 6.3.17 or above,


Internally discovered and reported by Giuseppe Cocomazzi of Fortinet Product Security team.