Cybersecurity researchers are raising alarms regarding a serious vulnerability found in Fortinet’s FortiWeb Web Application Firewall (WAF). This authentication bypass flaw could enable attackers to seize control of admin accounts completely, leading to a total compromise of the affected devices. The watchTowr team has reported that they are witnessing active exploitation of this vulnerability, which appears to have been silently patched by Fortinet.
The vulnerable FortiWeb product is critical in protecting web applications, and if left unaddressed, this flaw poses a significant risk not only to individual organizations but potentially to broader security frameworks. Organizations using Fortinet FortiWeb are urged to assess their systems and apply necessary security measures to mitigate the risk of such vulnerabilities being exploited in the wild. This situation highlights the importance of proactive monitoring and response to cybersecurity threats, especially when it comes to web application security.
👉 Pročitaj original: The Hacker News
