CVE-2018-13379 - Fortinet FortiOS SSL VPN Path Traversal Vulnerability
Project:Fortinet
Product:FortiOS
Date Added:2021-11-03Due Date:2022-05-03
Vulnerability Name
Fortinet FortiOS SSL VPN Path Traversal Vulnerability
Description
Fortinet FortiOS SSL VPN web portal contains a path traversal vulnerability that may allow an unauthenticated attacker to download FortiOS system files through specially crafted HTTP resource requests.
Known To Be Used in Ransomware Campaigns?
Known
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2018-13379
Related News Articles
Leaked Black Basta Ransomware Chat Logs Reveal Inner Workings and Internal ConflictsFebruary 26, 2025
CISA and FBI: Ghost ransomware breached orgs in 70 countriesFebruary 20, 2025
15K Fortinet Device Configs Leaked to the Dark WebJanuary 18, 2025