cve/2018/CVE-2018-9194.md

### [CVE-2018-9194](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9194)
![](https://img.shields.io/static/v1?label=Product&message=FortiOS&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20disclosure&color=brighgreen)

### Description

A plaintext recovery of encrypted messages or a Man-in-the-middle (MiTM) attack on RSA PKCS #1 v1.5 encryption may be possible without knowledge of the server's private key. Fortinet FortiOS 5.4.6 to 5.4.9, 6.0.0 and 6.0.1 are vulnerable by such attack under VIP SSL feature when CPx being used.

### POC

#### Reference
- https://fortiguard.com/advisory/FG-IR-17-302
- https://robotattack.org/
- https://www.kb.cert.org/vuls/id/144389

#### Github
No PoCs found on GitHub currently.
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`### [CVE-2018-9194](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9194)`
			`![](https://img.shields.io/static/v1?label=Product&message=FortiOS&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20disclosure&color=brighgreen)`

			`### Description`

			`A plaintext recovery of encrypted messages or a Man-in-the-middle (MiTM) attack on RSA PKCS #1 v1.5 encryption may be possible without knowledge of the server's private key. Fortinet FortiOS 5.4.6 to 5.4.9, 6.0.0 and 6.0.1 are vulnerable by such attack under VIP SSL feature when CPx being used.`

			`### POC`

			`#### Reference`
			`- https://fortiguard.com/advisory/FG-IR-17-302`
			`- https://robotattack.org/`
			`- https://www.kb.cert.org/vuls/id/144389`

			`#### Github`
			`No PoCs found on GitHub currently.`