EUVD-2005-1839

Malware in sbrugna...

Fortinet Fortigate Double free with double usage of json_object_put (FG-IR-23-195)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-23-195 advisory. - A double free vulnerability CWE-415 in Fortinet FortiOS before 7.0.0 may allow a privileged attacker to execute code or...

Fortinet FortiOS Privilage Escalation (FG-IR-23-315)

The version of FortiOS installed on the remote host is prior to tested version. It is, therefore, affected by an improper privilege management vulnerability CWE-269 in a FortiOS & FortiProxy HA cluster may allow an authenticated attacker to perform elevated actions via crafted HTTP or HTTPS...

Fortinet FortiOS - Path Traversal in Execute Command (FG-IR-22-369)

The version of FortiOS installed on the remote host is therefore, affected by a path traversal in execute command vulnerability. A improper limitation of a pathname to a restricted directory vulnerability 'path traversal' in FortiOS may allow a privileged attacker to read and write arbitrary file...

Backdoor in Fortinet's firewall Fortigate

If you have console access to this box, you are able to get root access or more by using the Username: maintainer Password: pbcpbnhere should you type the serialnr. of the box, the characters should be in Capital letters. FortiOS: 2.x Regards Johan Andersson Atea Security, Sweden Phone: +46-709-1...