Lucene search

FortiGuard LabsFG-IR-20-233

HistoryJun 01, 2021 - 12:00 a.m.

FortiProxy - system file leak through SSL VPN special crafted HTTP resource requests

2021-06-0100:00:00

FortiGuard Labs

www.fortiguard.com

194

EPSS

0.969

Percentile

99.7%

JSON

A path traversal vulnerability in the FortiProxy SSL VPN web portal may allow a non-authenticated, remote attacker to download FortiProxy system files through specially crafted HTTP resource requests.

packetstorm

FortiOS 5.6.7 / 6.0.4 Credential Disclosure

2019-08-19 00:00:00

FortiOS 5.6.7 / 6.0.4 Credential Disclosure

2019-08-19 00:00:00

zdt

FortiOS 5.6.3 - 5.6.7 / FortiOS 6.0.0 - 6.0.4 - Credentials Disclosure Exploit (2)

2019-08-19 00:00:00

FortiOS 5.6.3 - 5.6.7 / FortiOS 6.0.0 - 6.0.4 - Credentials Disclosure Exploit

2019-08-19 00:00:00

exploitpack

FortiOS 5.6.3 - 5.6.7 FortiOS 6.0.0 - 6.0.4 - Credentials Disclosure (Metasploit)

2019-08-19 00:00:00

FortiOS 5.6.3 - 5.6.7 FortiOS 6.0.0 - 6.0.4 - Credentials Disclosure

2019-08-19 00:00:00

threatpost

Hackers Exploit Fortinet Flaw in Sophisticated Cring Ransomware Attacks

2021-04-08 14:00:32

Thousands of Fortinet VPN Account Credentials Leaked

2021-09-09 22:49:27

Accenture Confirms LockBit Ransomware Attack

2021-08-11 21:56:00

mmpc

Exposing POLONIUM activity and infrastructure targeting Israeli organizations

2022-06-02 16:00:00

Evolving trends in Iranian threat actor activity – MSTIC presentation at CyberWarCon 2021

2021-11-16 16:00:08

Profiling DEV-0270: PHOSPHORUS’ ransomware operations

2022-09-07 21:00:00

prion

Path traversal

2019-06-04 21:29:00

thn

CISA Urges Manufacturers Eliminate Default Passwords to Thwart Cyber Threats

2023-12-18 05:41:00

Hackers Leak VPN Account Passwords From 87,000 Fortinet FortiGate Devices

2021-09-09 07:16:00

Microsoft Blocks Iran-linked Lebanese Hackers Targeting Israeli Companies

2022-06-03 09:19:00

fortinet

Protect

2019-05-24 00:00:00

cisa_kev

Fortinet FortiOS SSL VPN Path Traversal Vulnerability

2021-11-03 00:00:00

nvd

CVE-2018-13379

2019-06-04 21:29:00

nessus

Fortinet FortiOS SSL VPN Directory Traversal Vulnerability (FG-IR-18-384) (Direct Check)

2019-09-06 00:00:00

Fortinet FortiOS (Mac OS X) 5.4.6 <= 5.4.12 / 5.6.3 < 5.6.8 / 6.0.x < 6.0.5 SSL VPN Directory Traversal (FG-IR-18-384) (deprecated)

2019-06-14 00:00:00

Fortinet FortiOS 5.4.6 <= 5.4.12 / 5.6.3 < 5.6.8 / 6.0.x < 6.0.5 SSL VPN Directory Traversal (FG-IR-18-384)

2019-06-14 00:00:00

checkpoint_advisories

Fortinet FortiOS SSL VPN Directory Traversal (CVE-2018-13379)

2019-10-17 00:00:00

nuclei

Fortinet FortiOS - Credentials Disclosure

2020-04-22 06:42:01

dsquare

Fortinet FortiGate SSL VPN File Disclosure

2019-08-17 00:00:00

mssecure

Exposing POLONIUM activity and infrastructure targeting Israeli organizations

2022-06-02 16:00:00

Evolving trends in Iranian threat actor activity – MSTIC presentation at CyberWarCon 2021

2021-11-16 16:00:08

Profiling DEV-0270: PHOSPHORUS’ ransomware operations

2022-09-07 21:00:00

cvelist

CVE-2018-13379

2019-06-04 20:18:08

kitploit

Fortiscan - A High Performance FortiGate SSL-VPN Vulnerability Scanning And Exploitation Tool

2020-11-30 11:30:00

cve

CVE-2018-13379

2019-06-04 21:29:00

malwarebytes

500,000 Fortinet VPN credentials exposed: Turn off, patch, reset passwords

2021-09-09 15:37:43

Patch now! NSA, CISA, and FBI warn of Russian intelligence exploiting 5 vulnerabilities

2021-04-16 14:59:38

Atomic research institute breached via VPN vulnerability

2021-06-21 13:53:03

exploitdb

Fortinet FortiOS 5.6.3 - 5.6.7 / FortiOS 6.0.0 - 6.0.4 - Credentials Disclosure (Metasploit)

2019-08-19 00:00:00

Fortinet FortiOS 5.6.3 - 5.6.7 / FortiOS 6.0.0 - 6.0.4 - Credentials Disclosure

2019-08-19 00:00:00

attackerkb

CVE-2020-12812

2020-07-24 00:00:00

CVE-2019-5591

2020-08-14 00:00:00

CVE-2018-13379 Path Traversal in Fortinet FortiOS

2019-06-04 00:00:00

rapid7blog

CVE-2022-40684: Remote Authentication Bypass Vulnerability in Fortinet Firewalls, Web Proxies

2022-10-07 16:24:42

Metasploit Wrap-Up

2021-03-05 17:20:43

Attackers Targeting Fortinet Devices and SAP Applications

2021-04-08 17:18:07

hivepro

LockBit 2.0 Ransomware affiliates targeting Renowned Organizations

2022-03-15 10:07:18

Russian state-sponsored cyber actors targeting U.S. critical infrastructure

2022-02-18 12:20:35

Weekly Threat Digest: 14 – 20 March 2022

2022-03-23 04:17:40

ics

Russian State-Sponsored Cyber Actors Target Cleared Defense Contractor Networks to Obtain Sensitive U.S. Defense Information and Technology

2022-02-16 12:00:00

#StopRansomware: Play Ransomware

2023-12-18 12:00:00

Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities

2021-11-19 12:00:00

cisa

FBI-CISA Joint Advisory on Exploitation of Fortinet FortiOS Vulnerabilities

2021-04-02 00:00:00

NSA-CISA-FBI Joint Advisory on Russian SVR Targeting U.S. and Allied Networks

2021-04-15 00:00:00

securelist

Cyberthreats to financial organizations in 2022

2021-11-23 10:00:13

talosblog

Inside the ransomware playbook: Analyzing attack chains and mapping common TTPs

2024-07-10 10:00:33

Microsoft patches 12 critical vulnerabilities, nine of which are in Layer 2 Tunneling Protocol

2023-10-11 11:48:18

qualysblog

Qualys Tackles 2022’s Top Routinely Exploited Cyber Vulnerabilities

2023-08-24 19:07:05

CISA Alert: Top 15 Routinely Exploited Vulnerabilities

2022-05-06 12:19:24

Solorigate/Sunburst : Theft of Cybersecurity Tools | FireEye Breach

2020-12-10 00:48:29

EPSS

0.969

Percentile

99.7%

JSON

FortiProxy - system file leak through SSL VPN special crafted HTTP resource requests

Related