Fortinet’s FortiWeb security appliance has a severe path traversal vulnerability that is currently being exploited by attackers. This flaw allows the creation of new administrative users on vulnerable devices, which can lead to unauthorized access and control over web applications. The vulnerability raises significant concerns for organizations relying on FortiWeb for web application security, as it enables attackers to bypass authentication processes entirely.
Organizations are urged to review their FortiWeb implementations immediately and apply any available patches or mitigate vulnerabilities to prevent exploitation. It is vital for IT security teams to remain vigilant and monitor their systems for any signs of unauthorized access or anomalies. The existence of a public Proof of Concept (PoC) for this vulnerability could further escalate its exploitation amongst malicious actors, emphasizing the necessity for proactive security measures.
👉 Pročitaj original: BleepingComputer
