Fortigate SSL VPN Arbitrary File reading (CVE-2018-13379)
Summary#
Invicti detected Fortigate SSL VPN Arbitrary File reading (CVE-2018-13379)
A directory traversal vulnerability exists on Fortigate SSL VPN. An attacker can craft a request that accesses potentially sensitive information in the Fortigate's filesystem.
Impact#
An attacker could exploit this vulnerability to gain unauthorized read access to sensitive files including users VPN credentials.
Remediation#
Upgrade to the latest version of FortiOS
Classifications#
Vulnerability Index
You can search and find all vulnerabilities
Select Category
OR
Search Vulnerability
Related Vulnerabilities
