CVE-2018-13379CISA KEV: Actively Exploited

Fortinet FortiOS SSL VPN Path Traversal Vulnerability

Published Nov 3, 2021·Updated Nov 3, 2021

Description

Fortinet FortiOS SSL VPN web portal contains a path traversal vulnerability that may allow an unauthenticated attacker to download FortiOS system files through specially crafted HTTP resource requests.

Public Exploits & PoCs12 found

PoC: CVE-2018-13379

CVE-2018-13379

248

PoC: cve2018-13379-nmap-script

CVE-2018-13379 Script for Nmap NSE.

12

PoC: fortios_vpnssl_traversal_leak

This module massively scan and exploit a path traversal vulnerability in the FortiOS SSL VPN web portal may allow an unauthenticated attacker to download FortiOS system files through specially crafted HTTP resource requests (CVE-2018-13379).

10

PoC: CVE-2018-13379

Fortinet FortiOS路径遍历漏洞 (CVE-2018-13379)批量检测脚本

8

PoC: FortiOS-Credentials-Disclosure

CVE-2018-13379 Exploit

7

PoC: at-doom-fortigate

Fortigate CVE-2018-13379 - Tool to search for vulnerable Fortigate hosts in Rapid7 Project Sonar data anonymously through The Tor network.

4

PoC: CVE-2018-13379-Fortinet

FortiVuln

2

PoC: Multi-threaded-mass-exploiter-CVE-2018-13379-POC

CVE-2018-13379 mass exploiter for Fortinet FortiOS SSL VPN. Extracts credentials instantly, saves to CSV + PostgreSQL. Multi-threaded, no bullshit warnings.

1

PoC: CVE-2018-13379

CVE-2018-13379 fortiOS vulnerability POC

PoC: CVE-2018-13379

CVE-2018-13379 - Fortinet SSL VPN Vulnerability

PoC: CVE-2018-13379

An exploit for Fortinet CVE-2018-13379

PoC: CVE-2018-13379

Hunting CVE-2018-13379

References

View on NVD Search GitHub Search Google

Get alerted for CVEs like this

Register your stack and get notified within minutes when a matching CVE drops.

Start monitoring free