Andrey Medov, a security researcher at Positive Technologies, found multiple serious vulnerabilities in Fortinet’s FortiWeb web application firewall (WAF) that could be exploited by attackers to hack into corporate networks.
The vulnerabilities include a blind SQL injection, a stack-based buffer overflow issue, an overflow buffer overflow, and a format string vulnerability that could lead to the execution of unauthorized code or commands or denial-of-service (DoS) conditions.
The flaws reside in the FortiWeb administration interface, this means that a remote attacker could exploit them to potentially access the corporate network.
“A stack-based buffer overflow vulnerability in FortiWeb may allow an unauthenticated, remote attacker to overwrite the content of the stack and potentially execute arbitrary code by sending a crafted request with a large certname.” reads the PSIRT advisory for the CVE-2020-29016.
The vendor recommends the customers to upgrade to FortiWeb versions:
If you want to receive the weekly Security Affairs Newsletter for free subscribe here.
|[adrotate banner=”9″]||[adrotate banner=”12″]|
(SecurityAffairs – hacking, Fortinet FortiWeb)