Lucene search
K

9 matches found

Packet Storm
Packet Storm
added 2020/11/19 12:0 a.m.970 views

Fortinet FortiOS 6.0.4 Password Modification

Exploit Title: Fortinet FortiOS 6.0.4 - Unauthenticated SSL VPN User Password Modification Google Dork: intitle:"Please Login" "Use FTM Push" Date: 15/11/2020 Exploit Author: Ricardo Longatto Details: This exploit allow change users password from SSLVPN web portal Vendor Homepage:...

5CVSS0.81691EPSS
Exploits2
Exploit DB
Exploit DB
added 2020/11/19 12:0 a.m.864 views

Fortinet FortiOS 6.0.4 - Unauthenticated SSL VPN User Password Modification

Exploit Title: Fortinet FortiOS 6.0.4 - Unauthenticated SSL VPN User Password Modification Google Dork: intitle:"Please Login" "Use FTM Push" Date: 15/11/2020 Exploit Author: Ricardo Longatto Details: This exploit allow change users password from SSLVPN web portal Vendor Homepage:...

9.1CVSS8.4AI score0.81691EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2019/06/14 12:0 a.m.64 views

Fortinet FortiOS 5.4.1 < 5.4.11 / 5.6.x < 5.6.9 / 6.0.x < 6.0.5 SSL VPN Security Bypass (FG-IR-18-389)

The remote host is running a version of FortiOS 5.4.1 prior to 5.4.11, 5.6.x prior to 5.6.9 or 6.0.x prior to 6.0.5. It is, therefore, affected by a security bypass vulnerability in the SSL VPN web portal, due to an error when processing HTTP requests. A remote, unauthenticated attacker can explo...

9.1CVSS7.8AI score0.81691EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2019/06/14 12:0 a.m.57 views

Fortinet FortiOS (Mac OS X) 5.4.1 < 5.4.11 / 5.6.x < 5.6.9 / 6.0.x < 6.0.5 SSL VPN Security Bypass (FG-IR-18-389) (deprecated)

The plugin was deprecated due to checking hosts for FortiClient instead of FortiOS. Use fortiosFG-IR-18-389.nasl plugin ID 125888 instead. C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2020/11/18. Deprecated by fortiosFG-IR-18-389.nasl include"compat.inc"; if description scriptid12589...

9.1CVSS7.7AI score0.81691EPSS
Exploits2References2
Circl
Circl
added 2019/06/05 12:26 a.m.19 views

CVE-2018-13382

creationtimestamp| type| source ---|---|--- 2019-06-05 00:26:12+00:00| seen| https://t.me/cibsecurity/4683 2019-08-14 01:53:52+00:00| exploited| https://t.me/Pen7esting/339 2022-06-08 19:35:04+00:00| published-proof-of-concept| https://t.me/truesecator/3042 2022-06-13 12:18:44+00:00| seen|...

9.1CVSS7.1AI score0.81691EPSS
Exploits2References8
NVD
NVD
added 2019/06/04 9:29 p.m.32 views

CVE-2018-13382

An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.8 and 5.4.1 to 5.4.10 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to modify the password of an SSL VPN web portal user via...

9.1CVSS9.3AI score0.81691EPSS
Exploits2References3
CVE
CVE
added 2019/06/04 8:33 p.m.1331 views

CVE-2018-13382

CVE-2018-13382 is an Improper Authorization vulnerability in Fortinet FortiOS (versions 6.0.0–6.0.4, 5.6.0–5.6.8, 5.4.1–5.4.10) and FortiProxy (2.0.0; 1.2.0–1.2.8; 1.1.0–1.1.6; 1.0.0–1.0.7) exposed via the SSL VPN web portal. An unauthenticated attacker can modify the password of an SSL VPN porta...

9.1CVSS7.6AI score0.81691EPSS
In wildExploits2References3Affected Software2
Cvelist
Cvelist
added 2019/06/04 8:33 p.m.43 views

CVE-2018-13382

An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.8 and 5.4.1 to 5.4.10 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to modify the password of an SSL VPN web portal user via...

9.1CVSS9.3AI score0.81691EPSS
Exploits2References2
ATTACKERKB
ATTACKERKB
added 2019/06/04 12:0 a.m.48 views

CVE-2018-13382

An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.8 and 5.4.1 to 5.4.10 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to modify the password of an SSL VPN web portal user via...

9.1CVSS8.2AI score0.81691EPSS
In wildExploits2References8
Rows per page
Query Builder