191 matches found
PT-2023-7378 · Fortinet · Fortiguard +2
Name of the Vulnerable Software and Affected Versions: FortiAnalyzer and FortiManager versions 6.4.8 through 6.4.10 FortiAnalyzer and FortiManager versions 7.0.0 through 7.0.5 FortiAnalyzer and FortiManager versions 7.2.0 through 7.2.1 Description: The issue is related to an improper certificate...
FortiAnalyzer & FortiManager - Lack of client-side certificate validation when establishing secure connections with FortiGuard to download outbreakalert
An improper certificate validation vulnerability CWE-295 in FortiAnalyzer and FortiManager may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the communication channel between the device and the remote FortiGuard server hosting outbreakalert ressources...
IceFire Ransomware Exploits IBM Aspera Faspex to Attack Linux-Powered Enterprise Networks
A previously known Windows-based ransomware strain known as IceFire has expanded its focus to target Linux enterprise networks belonging to several media and entertainment sector organizations across the world. The intrusions entail the exploitation of a recently disclosed deserialization...
New ScrubCrypt Crypter Used in Cryptojacking Attacks Targeting Oracle WebLogic
The infamous cryptocurrency miner group called 8220 Gang has been observed using a new crypter called ScrubCrypt to carry out cryptojacking operations. According to Fortinet FortiGuard Labs, the attack chain commences with the successful exploitation of susceptible Oracle WebLogic servers to...
Bitdefender Releases Free Decryptor for MortalKombat Ransomware Strain
Romanian cybersecurity company Bitdefender has released a free decryptor for a new ransomware strain known as MortalKombat. MortalKombat is a new ransomware strain that emerged in January 2023. It's based on commodity ransomware dubbed Xorist and has been observed in attacks targeting entities in...
FortiNAC keyUpload.jsp command execution
Added: 02/24/2023 Background FortiNAC is a network access control solution. Problem A vulnerability in the keyUpload.jsp resource allows remote attackers to write arbitrary files by uploading a specially crafted zip file, leading to command execution. Resolution Upgrade to FortiNAC 7.2.0, 9.1.8,...
Exploit for Stack-based Buffer Overflow in Fortinet Fortiweb
CVE-2021-42756 Multiple stack-based buffer overflow vulnerabi...
Minecraft Servers Under Attack: Microsoft Warns About Cross-Platform DDoS Botnet
Microsoft on Thursday flagged a cross-platform botnet that's primarily designed to launch distributed denial-of-service DDoS attacks against private Minecraft servers. Called MCCrash, the botnet is characterized by a unique spreading mechanism that allows it to propagate to Linux-based devices...
CVE-2022-42475: Critical Unauthenticated Remote Code Execution Vulnerability in FortiOS; Exploitation Reported
Emergent threats evolve quickly, and as we learn more about this vulnerability, this blog post will evolve, too. On December 12, 2022, FortiGuard Labs published advisory FG-IR-22-398 regarding a critical CVSSv3 9.3 “heap-based buffer overflow vulnerability CWE-122 in FortiOS SSL-VPN which may all...
Fortinet FortiOS / FortiProxy / FortiSwitchManager Authentication Bypass
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Fortinet FortiOS, FortiProxy, and FortiSwitchManager authentication bypass.', 'Description' = %q This module exploits an authentication bypass...
Threat Advisory: CVE-2022-40684 Fortinet Appliance Auth bypass
This morning, the Wordfence Threat Intelligence team began tracking exploit attempts targeting CVE-2022-40684 on our network of over 4 million protected websites. CVE-2022-40684 is a critical authentication bypass vulnerability in the administrative interface of Fortinet’s FortiGate firewalls,...
New IoT RapperBot Malware Targeting Linux Servers via SSH Brute-Forcing Attack
A new IoT botnet malware dubbed RapperBot has been observed rapidly evolving its capabilities since it was first discovered in mid-June 2022. "This family borrows heavily from the original Mirai source code, but what separates it from other IoT malware families is its built-in capability to brute...
CISA Urges Patch of Exploited Windows 11 Bug by Aug. 2
A Windows 11 vulnerability, part of Microsoft’s Patch Tuesday roundup of fixes, is being exploited in the wild, prompting the U.S. Cybersecurity and Infrastructure Security Agency CISA to advise patching of the elevation of privileges flaw by August 2. The recommendation is directed at federal...
Fortinet Fortimail 7.0.1 - Reflected Cross-Site Scripting Vulnerability
Exploit Title: Fortinet Fortimail 7.0.1 - Reflected Cross-Site Scripting XSS Google Dork: inurl:/fmlurlsvc/ Exploit Author: Braiant Giraldo Villa Contact: @ironfortress Twitter Vendor Homepage: https://www.fortinet.com/products/email-security Software Link:...
Fortinet Fortimail 7.0.1 - Reflected Cross-Site Scripting (XSS)
Exploit Title: Fortinet Fortimail 7.0.1 - Reflected Cross-Site Scripting XSS Google Dork: inurl:/fmlurlsvc/ Date: 01-Feb-2022 Exploit Author: Braiant Giraldo Villa Contact: @ironfortress Twitter Vendor Homepage: https://www.fortinet.com/products/email-security Software Link:...
Fortinet FortiMail Cross-Site Scripting Vulnerability (CNVD-2022-19073)
Fortinet FortiMail is a suite of email security gateway products from Fortinet, Inc. Fortinet FortiMail is vulnerable to a cross-site scripting vulnerability that could be exploited to execute unauthorized code or commands via a specially crafted HTTP GET request to the FortiGuard URI protection...
CVE-2021-43062
A improper neutralization of input during web page generation 'cross-site scripting' in Fortinet FortiMail version 7.0.1 and 7.0.0, version 6.4.5 and below, version 6.3.7 and below, version 6.0.11 and below allows attacker to execute unauthorized code or commands via crafted HTTP GET requests to...
CVE-2021-43062
A improper neutralization of input during web page generation 'cross-site scripting' in Fortinet FortiMail version 7.0.1 and 7.0.0, version 6.4.5 and below, version 6.3.7 and below, version 6.0.11 and below allows attacker to execute unauthorized code or commands via crafted HTTP GET requests to...
Cross site scripting
A improper neutralization of input during web page generation 'cross-site scripting' in Fortinet FortiMail version 7.0.1 and 7.0.0, version 6.4.5 and below, version 6.3.7 and below, version 6.0.11 and below allows attacker to execute unauthorized code or commands via crafted HTTP GET requests to...
CVE-2021-43062
A improper neutralization of input during web page generation 'cross-site scripting' in Fortinet FortiMail version 7.0.1 and 7.0.0, version 6.4.5 and below, version 6.3.7 and below, version 6.0.11 and below allows attacker to execute unauthorized code or commands via crafted HTTP GET requests to...