CVE-2018-13379 - Fortinet FortiOS SSL VPN Path Traversal Vulnerability

Vulnerability Name

Fortinet FortiOS SSL VPN Path Traversal Vulnerability

Description

Fortinet FortiOS SSL VPN web portal contains a path traversal vulnerability that may allow an unauthenticated attacker to download FortiOS system files through specially crafted HTTP resource requests.

Known To Be Used in Ransomware Campaigns?

Known

Action

Apply updates per vendor instructions.

Additional Notes

https://nvd.nist.gov/vuln/detail/CVE-2018-13379

Related News Articles

Leaked Black Basta Ransomware Chat Logs Reveal Inner Workings and Internal ConflictsFebruary 26, 2025

CISA and FBI: Ghost ransomware breached orgs in 70 countriesFebruary 20, 2025

15K Fortinet Device Configs Leaked to the Dark WebJanuary 18, 2025