Help
Technical Articles
F5 SMEs share good practice.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

Fortinet SSL VPN – Unauthenticated Arbitrary File Read (CVE-2018-13379)

Gal_Goldshtein
F5 Employee
F5 Employee

on ‎27-Aug-2019 08:04

Recently an unauthenticated arbitrary file read vulnerability was discovered in Fortinet VPN service. The vulnerability allows an unauthenticated remote attacker to send a specially crafted request in order to read an arbitrary file from the vulnerable server file system. The vulnerability affects the following FortiOS versions:

  • 5.6.3 to 5.6.7
  • 6.0.0 to 6.0.4


Exploits targeting this vulnerability were posted online a few days ago and researchers at F5 Networks have already detected threat campaigns targeting this vulnerability.


Mitigation with BIG-IP ASM

ASM customers under any supported BIG-IP version are already protected against this vulnerability as the exploitation attempt will be detected by existing “Path traversal” signatures.


0151T000003kuNcQAI.png

Figure 1: Exploit blocked with Attack Signature (200000190)


0151T000003kuNXQAY.png

Figure 2: Exploit blocked with Attack Signature (200101550)

Labels:
Comments
miladmin
Nimbostratus
Nimbostratus
‎29-Sep-2019 00:10

hi Gal

thanks for this topic

0 Kudos
Version history
Last update:
‎27-Aug-2019 08:04
Updated by:
F5 Employee
Contributors
Copyright © 2023 Khoros, LLC