An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS version 7.0.0 through 7.0.16 and FortiProxy version 7.0.0 through 7.0.19 and 7.2.0 through 7.2.12 allows a remote attacker to gain super-admin privileges via crafted requests to Node.js websocket module.

Beagle Security Blog


Stay updated about the latest in the application security industry with news, tips and best practices from the security research team at Beagle Security.

Highlights

  • Essential cybersecurity tips for beginners.
Listed: