Fortinet FortiOS SSL VPN Directory Traversal Vulnerability (FG-IR-18-384) (Direct Check)
Medium Nessus Plugin ID 128552
Synopsis
The remote host is affected by a directory traversal vulnerability.
Description
The remote host is running FortiOS 5.6.3 or later but prior to 5.6.8, or 6.0.x prior to 6.0.5. It is, therefore, affected by a directory traversal vulnerability in the SSL VPN web portal, due to improper sanitization of path traversal characters in URLs. An unauthenticated, remote attacker can exploit this, via a specially crafted HTTP request, to download arbitrary FortiOS system files.
Solution
Upgrade to Fortinet FortiOS version 5.6.8, 6.0.5, 6.2.0 or later.