Security News > 2021 > August > High-Severity Command Injection Vulnerability Found in Fortinet Firewall

High-Severity Command Injection Vulnerability Found in Fortinet Firewall
2021-08-17 15:16

Researchers have discovered a vulnerability in Fortinet's FortiWeb web application firewall, and while it has been classified as high severity, the actual risk of exploitation in the wild seems low.

Tod Beardsley, director of research at Rapid7, told SecurityWeek that they have not seen any information from Fortinet regarding a patch, but they do expect the vulnerability to be fixed soon.

The issue identified by Vu is a variation of CVE-2021-22123, a FortiWeb OS command injection vulnerability patched by Fortinet a few months ago.

Rapid7 pointed out that while its recent scans showed roughly one million internet-exposed Fortinet devices, only some of those are FortiWeb systems, and only a small fraction of those expose their management interface to the web.

Given the widespread use of Fortinet products, it's not surprising that many state-sponsored and profit-driven threat actors have been exploiting vulnerabilities in these products.

The U.S. government has issued several warnings and advisories related to the exploitation of Fortinet vulnerabilities.


News URL

http://feedproxy.google.com/~r/securityweek/~3/BNo_um8hFIE/high-severity-command-injection-vulnerability-found-fortinet-firewall

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2021-06-01 CVE-2021-22123 OS Command Injection vulnerability in Fortinet Fortiweb
An OS command injection vulnerability in FortiWeb's management interface 6.3.7 and below, 6.2.3 and below, 6.1.x, 6.0.x, 5.9.x may allow a remote authenticated attacker to execute arbitrary commands on the system via the SAML server configuration page.
network
low complexity
fortinet CWE-78
critical
9.0

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Fortinet 164 56 387 164 77 684