admin/GobyVuls
1
0
Fork 0
mirror of https://github.com/gobysec/GobyVuls.git synced 2025-06-20 09:50:49 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add CVE-2018-13379

Browse Source
This commit is contained in:
tardc 2020-06-08 18:08:15 +08:00
parent 1b760ce90b
commit 30b4f9087c
3 changed files with 13 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
FortiOS/CVE-2018-13379/CVE-2018-13379_1.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 114 KiB

BIN
FortiOS/CVE-2018-13379/CVE-2018-13379_2.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 119 KiB

13
FortiOS/CVE-2018-13379/README.md Normal file
View File

@ -0,0 +1,13 @@
# CVE-2018-13379 Fortinet FortiOS CVE-2018-13379 Directory Traversal Vulnerability
An Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 under SSL VPN web portal allows an unauthenticated attacker to download system files via special crafted HTTP resource requests.
**Affected Version**: Fortinet FortiOS 6.0.0 - 6.0.4, 5.6.3 - 5.6.7 and 5.4.6 - 5.4.12 under SSL VPN web portal
**[FOFA](https://fofa.so/result?qbase64=YXBwPSJGb3J0aW5ldC1zc2x2cG4i) query rule**: app="Fortinet-sslvpn"
# Demo
![](CVE-2018-13379_1.png)
![](CVE-2018-13379_2.png)