Researchers have identified several potentially serious vulnerabilities in products from network security solutions provider Fortinet. The vendor appears to have patched at least some of the issues.
The CERT Coordination Center (CERT/CC) reported on Tuesday that a group of researchers called Virgoteam identified a total of five vulnerabilities, including ones rated critical, in Fortinet’s FortiWAN network load balancer appliances.
One of the flaws, tracked as CVE-2016-4965, is caused by improper neutralization of special elements used in operating system commands and it allows an authenticated attacker with non-admin privileges to inject arbitrary OS commands and execute them with root permissions.
Leave a reply