Attacker Value
Very High
0

CVE-2018-13379

Disclosure Date: June 04, 2019 Last updated March 10, 2020

Exploitability

(1 user assessed) Very High
Attack Vector
Network
Privileges Required
None
User Interaction
None

Description

An Improper Limitation of a Pathname to a Restricted Directory (“Path Traversal”) in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 under SSL VPN web portal allows an unauthenticated attacker to download system files via special crafted HTTP resource requests.

Add Assessment

General Information

Technical Analysis