An Improper Limitation of a Pathname to a Restricted Directory (“Path Traversal”) in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to download system files via special crafted HTTP resource requests.

Affected configurations

NVD

Node

fortinetfortiosRange5.6.3–5.6.7

fortinetfortiosRange6.0.0–6.0.4

References

fortiguard.com/advisory/FG-IR-18-384

www.fortiguard.com/psirt/FG-IR-20-233

packetstorm 2

zdt 2

exploitpack 2

threatpost 10

fortinet 2

mmpc 4

prion 1

thn 22

nessus 3

mssecure 4

cvelist 1

kitploit 1

dsquare 1

checkpoint_advisories 1

nuclei 1

cisa_kev 1

malwarebytes 4

cve 1

exploitdb 2

attackerkb 3

rapid7blog 3

hivepro 3

ics 11

cisa 2

securelist 1

qualysblog 6

talosblog 1

packetstorm

FortiOS 5.6.7 / 6.0.4 Credential Disclosure

2019-08-19 00:00:00

FortiOS 5.6.7 / 6.0.4 Credential Disclosure

2019-08-19 00:00:00

zdt

FortiOS 5.6.3 - 5.6.7 / FortiOS 6.0.0 - 6.0.4 - Credentials Disclosure Exploit (2)

2019-08-19 00:00:00

FortiOS 5.6.3 - 5.6.7 / FortiOS 6.0.0 - 6.0.4 - Credentials Disclosure Exploit

2019-08-19 00:00:00

exploitpack

FortiOS 5.6.3 - 5.6.7 FortiOS 6.0.0 - 6.0.4 - Credentials Disclosure (Metasploit)

2019-08-19 00:00:00

FortiOS 5.6.3 - 5.6.7 FortiOS 6.0.0 - 6.0.4 - Credentials Disclosure

2019-08-19 00:00:00

threatpost

Hackers Exploit Fortinet Flaw in Sophisticated Cring Ransomware Attacks

2021-04-08 14:00:32

Thousands of Fortinet VPN Account Credentials Leaked

2021-09-09 22:49:27

Accenture Confirms LockBit Ransomware Attack

2021-08-11 21:56:00

fortinet

Protect

2019-05-24 00:00:00

FortiProxy - system file leak through SSL VPN special crafted HTTP resource requests

2021-06-01 00:00:00

mmpc

Exposing POLONIUM activity and infrastructure targeting Israeli organizations

2022-06-02 16:00:00

Evolving trends in Iranian threat actor activity – MSTIC presentation at CyberWarCon 2021

2021-11-16 16:00:08

Profiling DEV-0270: PHOSPHORUS’ ransomware operations

2022-09-07 21:00:00

prion

Path traversal

2019-06-04 21:29:00

thn

CISA Urges Manufacturers Eliminate Default Passwords to Thwart Cyber Threats

2023-12-18 05:41:00

Hackers Exploit Unpatched VPNs to Install Ransomware on Industrial Targets

2021-04-08 13:12:00

Iranian Hackers Targeting VMware Horizon Log4j Flaws to Deploy Ransomware

2022-02-18 07:40:00

nessus

Fortinet FortiOS (Mac OS X) 5.4.6 <= 5.4.12 / 5.6.3 < 5.6.8 / 6.0.x < 6.0.5 SSL VPN Directory Traversal (FG-IR-18-384) (deprecated)

2019-06-14 00:00:00

Fortinet FortiOS SSL VPN Directory Traversal Vulnerability (FG-IR-18-384) (Direct Check)

2019-09-06 00:00:00

Fortinet FortiOS 5.4.6 <= 5.4.12 / 5.6.3 < 5.6.8 / 6.0.x < 6.0.5 SSL VPN Directory Traversal (FG-IR-18-384)

2019-06-14 00:00:00

mssecure

Exposing POLONIUM activity and infrastructure targeting Israeli organizations

2022-06-02 16:00:00

Evolving trends in Iranian threat actor activity – MSTIC presentation at CyberWarCon 2021

2021-11-16 16:00:08

Profiling DEV-0270: PHOSPHORUS’ ransomware operations

2022-09-07 21:00:00

cvelist

CVE-2018-13379

2019-06-04 20:18:08

kitploit

Fortiscan - A High Performance FortiGate SSL-VPN Vulnerability Scanning And Exploitation Tool

2020-11-30 11:30:00

dsquare

Fortinet FortiGate SSL VPN File Disclosure

2019-08-17 00:00:00

checkpoint_advisories

Fortinet FortiOS SSL VPN Directory Traversal (CVE-2018-13379)

2019-10-17 00:00:00

nuclei

Fortinet FortiOS - Credentials Disclosure

2020-04-22 06:42:01

cisa_kev

Fortinet FortiOS SSL VPN Path Traversal Vulnerability

2021-11-03 00:00:00

malwarebytes

500,000 Fortinet VPN credentials exposed: Turn off, patch, reset passwords

2021-09-09 15:37:43

Patch now! NSA, CISA, and FBI warn of Russian intelligence exploiting 5 vulnerabilities

2021-04-16 14:59:38

Atomic research institute breached via VPN vulnerability

2021-06-21 13:53:03

cve

CVE-2018-13379

2019-06-04 21:29:00

exploitdb

Fortinet FortiOS 5.6.3 - 5.6.7 / FortiOS 6.0.0 - 6.0.4 - Credentials Disclosure (Metasploit)

2019-08-19 00:00:00

Fortinet FortiOS 5.6.3 - 5.6.7 / FortiOS 6.0.0 - 6.0.4 - Credentials Disclosure

2019-08-19 00:00:00

attackerkb

CVE-2020-12812

2020-07-24 00:00:00

CVE-2018-13379 Path Traversal in Fortinet FortiOS

2019-06-04 00:00:00

CVE-2019-5591

2020-08-14 00:00:00

rapid7blog

CVE-2022-40684: Remote Authentication Bypass Vulnerability in Fortinet Firewalls, Web Proxies

2022-10-07 16:24:42

Metasploit Wrap-Up

2021-03-05 17:20:43

Attackers Targeting Fortinet Devices and SAP Applications

2021-04-08 17:18:07

hivepro

LockBit 2.0 Ransomware affiliates targeting Renowned Organizations

2022-03-15 10:07:18

Russian state-sponsored cyber actors targeting U.S. critical infrastructure

2022-02-18 12:20:35

Weekly Threat Digest: 14 – 20 March 2022

2022-03-23 04:17:40

ics

Russian State-Sponsored Cyber Actors Target Cleared Defense Contractor Networks to Obtain Sensitive U.S. Defense Information and Technology

2022-02-16 12:00:00

#StopRansomware: Play Ransomware

2023-12-18 12:00:00

Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities

2021-11-19 12:00:00

cisa

FBI-CISA Joint Advisory on Exploitation of Fortinet FortiOS Vulnerabilities

2021-04-02 00:00:00

NSA-CISA-FBI Joint Advisory on Russian SVR Targeting U.S. and Allied Networks

2021-04-15 00:00:00

securelist

Cyberthreats to financial organizations in 2022

2021-11-23 10:00:13

qualysblog

Qualys Tackles 2022’s Top Routinely Exploited Cyber Vulnerabilities

2023-08-24 19:07:05

CISA Alert: Top 15 Routinely Exploited Vulnerabilities

2022-05-06 12:19:24

Solorigate/Sunburst : Theft of Cybersecurity Tools | FireEye Breach

2020-12-10 00:48:29

talosblog

Microsoft patches 12 critical vulnerabilities, nine of which are in Layer 2 Tunneling Protocol

2023-10-11 11:48:18

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.8 High

AI Score

Confidence

High

0.973 High

EPSS

Percentile

99.9%

JSON

Related for NVD:CVE-2018-13379

packetstorm2 zdt2 exploitpack2 threatpost10 fortinet2 mmpc4 prion1 thn22 nessus3 mssecure4 cvelist1 kitploit1 dsquare1 checkpoint_advisories1 nuclei1 cisa_kev1 malwarebytes4 cve1 exploitdb2 attackerkb3 rapid7blog3 hivepro3 ics11 cisa2 securelist1 qualysblog6 talosblog1