Home > Cyber News > Fortinet FortiWeb WAF Appliances Exposed to Serious Unpatched Flaw
CYBER NEWS

Fortinet FortiWeb WAF Appliances Exposed to Serious Unpatched Flaw

by   |  Last Update:  |  0 Comments  


There is a recently disclosed unpatched flaw in Fortinet’s web application firewall appliances. The vulnerability could be exploited by remotes authenticated attackers to execute malicious commands.

Related: Top Exploited Vulnerabilities in 2020: Hackers Take Advantage of Remote Work

In other words, there is an OS command injection vulnerability in FortiWeb’s management interface (version 6.3.11 and prior) which could allow remote, authenticated attacks via the SAML server configuration page. The flaw was discovered by Rapid7 security researcher William Vu. It is noteworthy that the vulnerability is related to a previous vulnerability, known as CVE-2021-22123.




First of all, what is Fortinet FortiWeb?

Fortinet FortiWeb is a web application firewall (WAF) that captures both known and unknown exploits targeting the protected web applications before they have a chance to execute.

However, the vulnerability enables an attack, who is authenticated to the management interface of the device, to push commands via backticks in the “Name” field of the SAML server configuration page. As a result of the flaw, the commands will be executed as the root user of the OS.

What is the impact of the FortiWeb vulnerability?

“An attacker can leverage this vulnerability to take complete control of the affected device, with the highest possible privileges,” Rapid7 says. The exploitation of the flaw could lead to the installation of a persistent shell, cryptomining software or any other malicious program.

“In the unlikely event the management interface is exposed to the internet, they could use the compromised platform to reach into the affected network beyond the DMZ,” the researchers warn.
Since a patch is not available, users should disable the FortiWeb device’s management interface from untrusted networks, including the internet.

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:
Twitter

Related posts:
  1. CVE-2022-39947: High Severity Flaw in Fortinet FortiADC CVE-2022-39947 is a new, high severity security vulnerability in FortiADC...
  2. Which Are The Most Secure Smartphones PRICE TOTAL SCORE OS VPN ENCRYPTION TRACK BLOCK FINGERPRINT 1...
  3. National Exposure Index: Which Is the Most Hackable Country? Rapid7, a security firm, has just released a vast report...
  4. CVE-2023-25610: Critical Flaw in FortiOS and FortiProxy Fortinet has identified and fixed 15 security flaws, one of...
  5. CVE-2021-36934: Serious HiveNightmare Vulnerability in Windows 10 A new severe security vulnerability in Windows 10 has been...
  6. CVE-2019-6977: Yet Another WordPress Critical Flaw Found, Left Unpatched For 6 Years The popular content management system WordPress has been found to...
  7. CVE-2019-1663: Critical Flaw in Cisco Wireless VPN and Firewall Routers A new critical flaw, CVE-2019-1663, residing in Cisco wireless VPN...
  8. Cryptographic Flaw in 3G and 4G Networks: All Devices Exposed A new serious cryptographic vulnerability has been discovered in modern,...

Leave a Comment

Your email address will not be published. Required fields are marked *

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.
I Agree