CVE-2018-13379 - Fortinet FortiOS SSL VPN Path Traversal Vulnerability

CVE-2018-13379: Fortinet | FortiOS

Date Added:
2021-11-03

Due Date:
2022-05-03

Vulnerability Name: Fortinet FortiOS SSL VPN Path Traversal Vulnerability

Description: Fortinet FortiOS SSL VPN web portal contains a path traversal vulnerability that may allow an unauthenticated attacker to download FortiOS system files through specially crafted HTTP resource requests.

Known To Be Used in Ransomware Campaigns?: Known

Action: Apply updates per vendor instructions.

Additional Notes: https://nvd.nist.gov/vuln/detail/CVE-2018-13379

Related News Articles: 15K Fortinet Device Configs Leaked to the Dark WebJanuary 18, 2025

Free online web security scanner

Don't show website scan report rating on the leaderboard