Hacker posts a list of exploits for around 50 000 Fortinet VPNs

A list of one-line exploits with the purpose of stealing VPN credentials from Fortinet VPN devices has been posted yesterday.

The vulnerability referred to is CVE-2018-13379, a path traversal flaw impacting a big number of unpatched Fortinet FortiOS SSL VPN devices.

Abusing this vulnerability allows remote access to the system for the attackers via specific HTTP requests.

Fortinet has issued a statement on the situation, where they reminded their users to update their devices.


Read More

Got Something To Say?

Your email address will not be published.