An Improper Limitation of a Pathname to a Restricted Directory (“Path Traversal”) in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to download system files via special crafted HTTP resource requests.

CPENameOperatorVersion
fortiosge5.6.3
fortiosle5.6.7
fortiosge6.0.0
fortiosle6.0.4

Name	Operator	Version
fortios	ge	5.6.3
fortios	le	5.6.7
fortios	ge	6.0.0
fortios	le	6.0.4

References

fortiguard.com/advisory/FG-IR-18-384

www.fortiguard.com/psirt/FG-IR-20-233

fortinet 2

nessus 3

thn 22

zdt 2

dsquare 1

mssecure 4

kitploit 1

threatpost 10

packetstorm 2

mmpc 4

exploitpack 2

cisa_kev 1

checkpoint_advisories 1

nuclei 1

malwarebytes 4

cve 1

exploitdb 2

hivepro 3

rapid7blog 3

attackerkb 3

cisa 2

ics 11

securelist 1

qualysblog 6

talosblog 1

fortinet

FortiProxy - system file leak through SSL VPN special crafted HTTP resource requests

2021-06-01 00:00:00

Protect

2019-05-24 00:00:00

nessus

Fortinet FortiOS (Mac OS X) 5.4.6 <= 5.4.12 / 5.6.3 < 5.6.8 / 6.0.x < 6.0.5 SSL VPN Directory Traversal (FG-IR-18-384) (deprecated)

2019-06-14 00:00:00

Fortinet FortiOS SSL VPN Directory Traversal Vulnerability (FG-IR-18-384) (Direct Check)

2019-09-06 00:00:00

Fortinet FortiOS 5.4.6 <= 5.4.12 / 5.6.3 < 5.6.8 / 6.0.x < 6.0.5 SSL VPN Directory Traversal (FG-IR-18-384)

2019-06-14 00:00:00

thn

Hackers Exploit Unpatched VPNs to Install Ransomware on Industrial Targets

2021-04-08 13:12:00

CISA Urges Manufacturers Eliminate Default Passwords to Thwart Cyber Threats

2023-12-18 05:41:00

Hackers Leak VPN Account Passwords From 87,000 Fortinet FortiGate Devices

2021-09-09 07:16:00

zdt

FortiOS 5.6.3 - 5.6.7 / FortiOS 6.0.0 - 6.0.4 - Credentials Disclosure Exploit

2019-08-19 00:00:00

FortiOS 5.6.3 - 5.6.7 / FortiOS 6.0.0 - 6.0.4 - Credentials Disclosure Exploit (2)

2019-08-19 00:00:00

dsquare

Fortinet FortiGate SSL VPN File Disclosure

2019-08-17 00:00:00

mssecure

Exposing POLONIUM activity and infrastructure targeting Israeli organizations

2022-06-02 16:00:00

Evolving trends in Iranian threat actor activity – MSTIC presentation at CyberWarCon 2021

2021-11-16 16:00:08

Profiling DEV-0270: PHOSPHORUS’ ransomware operations

2022-09-07 21:00:00

kitploit

Fortiscan - A High Performance FortiGate SSL-VPN Vulnerability Scanning And Exploitation Tool

2020-11-30 11:30:00

threatpost

Thousands of Fortinet VPN Account Credentials Leaked

2021-09-09 22:49:27

Hackers Exploit Fortinet Flaw in Sophisticated Cring Ransomware Attacks

2021-04-08 14:00:32

Accenture Confirms LockBit Ransomware Attack

2021-08-11 21:56:00

packetstorm

FortiOS 5.6.7 / 6.0.4 Credential Disclosure

2019-08-19 00:00:00

FortiOS 5.6.7 / 6.0.4 Credential Disclosure

2019-08-19 00:00:00

mmpc

Exposing POLONIUM activity and infrastructure targeting Israeli organizations

2022-06-02 16:00:00

Evolving trends in Iranian threat actor activity – MSTIC presentation at CyberWarCon 2021

2021-11-16 16:00:08

Profiling DEV-0270: PHOSPHORUS’ ransomware operations

2022-09-07 21:00:00

exploitpack

FortiOS 5.6.3 - 5.6.7 FortiOS 6.0.0 - 6.0.4 - Credentials Disclosure (Metasploit)

2019-08-19 00:00:00

FortiOS 5.6.3 - 5.6.7 FortiOS 6.0.0 - 6.0.4 - Credentials Disclosure

2019-08-19 00:00:00

cisa_kev

Fortinet FortiOS SSL VPN Path Traversal Vulnerability

2021-11-03 00:00:00

checkpoint_advisories

Fortinet FortiOS SSL VPN Directory Traversal (CVE-2018-13379)

2019-10-17 00:00:00

nuclei

Fortinet FortiOS - Credentials Disclosure

2020-04-22 06:42:01

malwarebytes

500,000 Fortinet VPN credentials exposed: Turn off, patch, reset passwords

2021-09-09 15:37:43

Atomic research institute breached via VPN vulnerability

2021-06-21 13:53:03

Patch now! NSA, CISA, and FBI warn of Russian intelligence exploiting 5 vulnerabilities

2021-04-16 14:59:38

cve

CVE-2018-13379

2019-06-04 21:29:00

exploitdb

Fortinet FortiOS 5.6.3 - 5.6.7 / FortiOS 6.0.0 - 6.0.4 - Credentials Disclosure (Metasploit)

2019-08-19 00:00:00

Fortinet FortiOS 5.6.3 - 5.6.7 / FortiOS 6.0.0 - 6.0.4 - Credentials Disclosure

2019-08-19 00:00:00

hivepro

LockBit 2.0 Ransomware affiliates targeting Renowned Organizations

2022-03-15 10:07:18

Russian state-sponsored cyber actors targeting U.S. critical infrastructure

2022-02-18 12:20:35

Weekly Threat Digest: 14 – 20 March 2022

2022-03-23 04:17:40

rapid7blog

Metasploit Wrap-Up

2021-03-05 17:20:43

CVE-2022-40684: Remote Authentication Bypass Vulnerability in Fortinet Firewalls, Web Proxies

2022-10-07 16:24:42

Attackers Targeting Fortinet Devices and SAP Applications

2021-04-08 17:18:07

attackerkb

CVE-2020-12812

2020-07-24 00:00:00

CVE-2019-5591

2020-08-14 00:00:00

CVE-2018-13379 Path Traversal in Fortinet FortiOS

2019-06-04 00:00:00

cisa

FBI-CISA Joint Advisory on Exploitation of Fortinet FortiOS Vulnerabilities

2021-04-02 00:00:00

NSA-CISA-FBI Joint Advisory on Russian SVR Targeting U.S. and Allied Networks

2021-04-15 00:00:00

ics

Russian State-Sponsored Cyber Actors Target Cleared Defense Contractor Networks to Obtain Sensitive U.S. Defense Information and Technology

2022-02-16 12:00:00

Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities

2021-11-19 12:00:00

#StopRansomware: Play Ransomware

2023-12-18 12:00:00

securelist

Cyberthreats to financial organizations in 2022

2021-11-23 10:00:13

qualysblog

Qualys Tackles 2022’s Top Routinely Exploited Cyber Vulnerabilities

2023-08-24 19:07:05

CISA Alert: Top 15 Routinely Exploited Vulnerabilities

2022-05-06 12:19:24

Solorigate/Sunburst : Theft of Cybersecurity Tools | FireEye Breach

2020-12-10 00:48:29

talosblog

Microsoft patches 12 critical vulnerabilities, nine of which are in Layer 2 Tunneling Protocol

2023-10-11 11:48:18

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.5 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.974 High

EPSS

Percentile

99.9%

JSON

Related for PRION:CVE-2018-13379