admin/GobyVuls
1
0
Fork 0
mirror of https://github.com/gobysec/GobyVuls.git synced 2025-05-05 10:16:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
GobyVuls/FortiOS/CVE-2018-13379
History
tardc ba948fc175 Update README.md
2020-06-08 19:53:04 +08:00
..
CVE-2018-13379_1.png
Add CVE-2018-13379
2020-06-08 18:08:15 +08:00
CVE-2018-13379_2.png
Add CVE-2018-13379
2020-06-08 18:08:15 +08:00
README.md
Update README.md
2020-06-08 19:53:04 +08:00

README.md

CVE-2018-13379 Fortinet FortiOS CVE-2018-13379 Directory Traversal Vulnerability

An Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 under SSL VPN web portal allows an unauthenticated attacker to download system files via special crafted HTTP resource requests.

Affected Version: Fortinet FortiOS 6.0.0 - 6.0.4, 5.6.3 - 5.6.7 and 5.4.6 - 5.4.12 under SSL VPN web portal

FOFA query rule: app="Fortinet-sslvpn"

Demo