7 matches found
CVE-2022-41328
A improper limitation of a pathname to a restricted directory vulnerability 'path traversal' CWE-22 in Fortinet FortiOS version 7.2.0 through 7.2.3, 7.0.0 through 7.0.9 and before 6.4.11 allows a privileged attacker to read and write files on the underlying Linux system via crafted CLI commands...
UNC3886 Uses Fortinet, VMware 0-Days and Stealth Tactics in Long-Term Spying
The China-nexus cyber espionage actor linked to the zero-day exploitation of security flaws in Fortinet, Ivanti, and VMware devices has been observed utilizing multiple persistence mechanisms in order to maintain unfettered access to compromised environments. "Persistence mechanisms encompassed...
Chinese Hackers Exploit Fortinet Zero-Day Flaw for Cyber Espionage Attack
The zero-day exploitation of a now-patched medium-severity security flaw in the Fortinet FortiOS operating system has been linked to a suspected Chinese hacking group. American cybersecurity company Mandiant, which made the attribution, said the activity cluster is part of a broader campaign...
Fortinet FortiOS Flaw Exploited in Targeted Cyberattacks on Government Entities
Government entities and large organizations have been targeted by an unknown threat actor by exploiting a security flaw in Fortinet FortiOS software to result in data loss and OS and file corruption. "The complexity of the exploit suggests an advanced actor and that it is highly targeted at...
CVE-2022-41328
creationtimestamp| type| source ---|---|--- 2023-03-07 20:23:36+00:00| seen| https://t.me/cibsecurity/59597 2023-03-08 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=983 2023-03-14 07:05:01+00:00| exploited| https://t.me/thehackernews/3145 2023-03-14 12:25:07+00:00|...
CVE-2022-41328
CVE-2022-41328 (Fortinet FortiOS path traversal) : A path traversal vulnerability in Fortinet FortiOS 7.2.0–7.2.3, 7.0.0–7.0.9, and pre-6.4.11 allows a privileged attacker to read and write files on the underlying Linux system via crafted CLI commands (CWE-22). The issue is documented across mult...
CVE-2022-41328
A improper limitation of a pathname to a restricted directory vulnerability ‘path traversal’ CWE-22 in Fortinet FortiOS version 7.2.0 through 7.2.3, 7.0.0 through 7.0.9 and before 6.4.11 allows a privileged attacker to read and write files on the underlying Linux system via crafted CLI commands...