
Researchers find high-severity command injection vuln in Fortinet's web app firewall
2021-08-18 16:38

A command injection vulnerability exists in Fortinet's management interface for its FortiWeb web app firewall, according to infosec firm Rapid7.

An authenticated attacker can use the vuln to execute commands as root on the FortiWeb device, Rapid7 said in a blog post.

Bleeping Computer reported some mild controversy about the timing of the disclosure; Rapid7 alleged it had been left hanging for a month by Fortinet after reporting the vuln, while Fortinet claimed Rapid7 had breached Fortinet's own vuln reporting guidelines by disclosing it within 90 days.

In 2019, The Register revealed that a series of Huawei routers used for years in the UK were vulnerable to command injection attacks using backticks in a similar fashion.

Back in 2013, Sophos had to patch a similar web firewall appliance after researchers identified that a function in a Perl script failed to fully escape a script argument prior to executing it - meaning backticks could be used to insert extra commands.
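The incomplete-escaping pattern the Sophos case describes (escaping an argument for the shell but leaving command substitution live) is illustrated below as an added Python example; it is not code from the article, from the Sophos or Fortinet products, or from Rapid7's write-up. The original was a Perl script; here the `naive_escape` helper and the sample argument are constructed, and the embedded command is a harmless `echo` so the three invocation styles can be compared on real `/bin/sh` output.

```python
import shlex
import subprocess

# Constructed sample argument in the shape the article describes: a value that
# carries a backtick command substitution. The embedded command only echoes.
CONSTRUCTED_ARG = "report.txt `echo INJECTED`"


def naive_escape(arg: str) -> str:
    """Hypothetical incomplete escaping of the kind the 2013 Sophos bug had:
    wrap in double quotes and escape embedded double quotes only. Inside
    double quotes a POSIX shell still performs command substitution, so
    backticks (and $(...)) remain live."""
    return '"' + arg.replace('"', '\\"') + '"'


def run_with_shell(escaped_arg: str) -> str:
    """Build a command string and hand it to /bin/sh, as a script that
    concatenates arguments into a command line does."""
    proc = subprocess.run("printf '%s\\n' " + escaped_arg, shell=True,
                          capture_output=True, text=True, check=True)
    return proc.stdout.rstrip("\n")


def run_with_argv(arg: str) -> str:
    """Mitigation: pass the value as a separate argv element with no shell
    involved, so no shell metacharacter is ever interpreted."""
    proc = subprocess.run(["printf", "%s\n", arg],
                          capture_output=True, text=True, check=True)
    return proc.stdout.rstrip("\n")


def demonstrate(arg: str) -> dict:
    """Return what each invocation style actually prints for the same value.
    Only the naive escaping lets the embedded command run."""
    return {
        "naive_escape": run_with_shell(naive_escape(arg)),
        "shlex_quote": run_with_shell(shlex.quote(arg)),   # single-quoted: literal
        "argv_no_shell": run_with_argv(arg),               # no shell at all
    }


if __name__ == "__main__":
    for style, output in demonstrate(CONSTRUCTED_ARG).items():
        print(f"{style:14s} -> {output!r}")
```

A review check for this bug class is therefore not "are quotes escaped" but "does user input ever reach a shell string at all"; if it must, quote with `shlex.quote` (or the language's equivalent) rather than a hand-written replace.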

In July, Fortinet disclosed a remote code execution vuln in some of its software products that it patched.


News URL

https://go.theregister.com/feed/www.theregister.com/2021/08/18/fortinet_fortiweb_flaw/