Flaws in FortiWeb WAF Expose Fortinet Devices to Remote Hack
7/07/2021

Fortinet has recently addressed a high-severity vulnerability (CVE-2021-22123) affecting its FortiWeb web application firewall (WAF), a remote, authenticated attacker can exploit it to execute arbitrary commands via the SAML server

OVERVIEW

▪ Fortinet has recently fixed a high-severity RCE vulnerability affecting its FortiWeb web application firewall (WAF) that can be exploited by remote attackers to execute arbitrary commands.

▪ The high-severity vulnerability (CVE-2021-22123) allows a remote, authenticated attacker to execute arbitrary commands on the system via the SAML server configuration page.

▪ The vulnerability in the management interface of FortiWeb firewall was discovered by a cybersecurity firm Positive Technologies.

Sign Up Here for Download

Copyright © 2020 Altitude Unlimited, Inc. | All rights reserved