Fortinet – Path Traversal (CVE-2018-13379)


Path Traversal (CVE-2018-13379) vulnerability.

Fortinet FortiOS SSL VPN Path Traversal in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal.

Bussines Impact

An attacker could use this vulnerability to download system files via special crafted HTTP resource requests.


Updated to the latest version released by Fortinet.