Attacker Value
Very High
0

CVE-2018-13379 Path Traversal in Fortinet FortiOS

Disclosure Date: June 04, 2019

Exploitability

(1 user assessed) Very High
Attack Vector
Network
Privileges Required
None
User Interaction
None

Description

An Improper Limitation of a Pathname to a Restricted Directory (“Path Traversal”) in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 under SSL VPN web portal allows an unauthenticated attacker to download system files via special crafted HTTP resource requests.

Add Assessment

General Information

Technical Analysis