Thursday, June 13, 2024

Fortinet’s Fortiweb WAF Disclosed Due To Unpatched Hacking Flaw

An unpatched security flaw has been discovered in Fortinet’s FortiWeb WAF (Web Application Firewall). Remote attackers can exploit it to execute malicious commands on the device.

About The Vulnerability

“An OS command injection vulnerability in FortiWeb’s management interface (version 6.3.11 and prior) can allow a remote, authenticated attacker to execute arbitrary commands on the system, via the SAML server configuration page,” said Rapid7, a cybersecurity firm, in an advisory published on Tuesday. “This vulnerability appears to be related to CVE-2021-22123, which was addressed in FG-IR-20-120.”
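The bug class Rapid7 describes, an OS command injection reached through a configuration field, is easiest to understand side by side with its fix. The Python below is an added illustration written for this article; it is not FortiWeb code, and the handler, the `saml_server` field, and the `curl` command it builds are all assumptions chosen for the example. The vulnerable function splices the field into a shell string, the hardened one allow-lists the value and passes it as a separate argv element so no shell ever parses it, and a small report function shows how the two behave on a benign hostname versus one carrying shell metacharacters.

```python
import re

# Added illustration of the vulnerability class (OS command injection from a
# configuration field), not FortiWeb code. The handler, the field name and the
# command it runs are assumptions made for this example.

# Allow-list for a SAML server hostname: DNS labels of letters, digits and
# hyphens, joined by dots. Anything else is rejected before it reaches a command.
HOSTNAME_RE = re.compile(
    r"^[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
    r"(?:\.[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?)*$"
)

# Characters a POSIX shell treats as separators or substitutions.
SHELL_METACHARS = set(";|&`$()<>\n")


def build_command_vulnerable(saml_server: str) -> str:
    """Vulnerable pattern: the config value is spliced into a shell command line.
    Anything the shell treats specially inside saml_server changes what runs."""
    return f"curl -s https://{saml_server}/metadata"


def contains_shell_metachars(cmd: str) -> bool:
    """Detection helper: does a command string carry characters a shell would
    interpret as separators or substitutions?"""
    return any(ch in SHELL_METACHARS for ch in cmd)


def build_command_hardened(saml_server: str) -> list:
    """Hardened pattern: validate the value against the allow-list and return it
    as its own argv element (to be run with subprocess.run(argv), no shell=True)."""
    if not HOSTNAME_RE.fullmatch(saml_server):
        raise ValueError(f"rejected SAML server value: {saml_server!r}")
    return ["curl", "-s", f"https://{saml_server}/metadata"]


def check_config_value(saml_server: str) -> dict:
    """Compare both patterns on one input and return a small report."""
    shell_string = build_command_vulnerable(saml_server)
    try:
        argv = build_command_hardened(saml_server)
        accepted = True
    except ValueError:
        argv = None
        accepted = False
    return {
        "metachars_in_shell_string": contains_shell_metachars(shell_string),
        "accepted_by_hardened": accepted,
        "argv": argv,
    }


if __name__ == "__main__":
    # Constructed sample inputs: a benign hostname and one carrying a shell separator.
    for value in ("saml.example.test", "saml.example.test;id"):
        print(value, "->", check_config_value(value))
```

The second input would change the command a shell runs in the vulnerable version, while the hardened version rejects it outright; on the benign hostname both produce the same effective command, which is the property a patch for this class of bug needs to preserve.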

The flaw was discovered in June 2021. A patch is expected in August 2021 with FortiWeb version 6.4.1.

What Can The Attackers Do?

The vulnerability has not yet been assigned a CVE identifier, but it carries a CVSS score of 8.7. Successful exploitation allows the attacker to execute commands as the primary user on the system via the SAML server configuration pages.

“An attacker can leverage this vulnerability to take complete control of the affected device, with the highest possible privileges,” said Tod Beardsley of Rapid7. “They might install a persistent shell, crypto mining software, or other malicious software. In the unlikely event the management interface is exposed to the internet, they could use the compromised platform to reach into the affected network beyond the DMZ.”

Authentication is required to exploit the flaw, Rapid7 said; however, an attacker could chain it with an authentication bypass such as CVE-2020-29015. Until a patch is available, customers are advised to block access to FortiWeb’s management interface from untrusted networks and to avoid exposing the device directly to the internet.

Final Notes

No evidence has yet been found of the vulnerability being exploited in the wild. However, unpatched Fortinet servers have been targeted by attackers in the past.

In April, the FBI and CISA warned that threat-actor groups were targeting Fortinet FortiOS servers, exploiting CVE-2020-12812, CVE-2019-5591, and CVE-2018-13379 to attack commercial as well as government entities.

Also in April, Kaspersky found that attackers had been exploiting CVE-2018-13379 in FortiGate VPN servers to gain access to networks of European enterprises and deploy Cring ransomware.
