Skip to content
master
Switch branches/tags
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 

CVE-2018-13382

CVE-2018-13382

https://devco.re/blog/2019/08/09/attacking-ssl-vpn-part-2-breaking-the-Fortigate-ssl-vpn/

An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.8 and 5.4.1 to 5.4.10 under SSL VPN web portal allows an unauthenticated attacker to modify the password of an SSL VPN web portal user via specially crafted HTTP requests.

alt text

$ python CVE-2018-13382.py  -h
Usage: CVE-2018-13382.py [options]

Options:
  -h, --help   show this help message and exit
  -i IP        e.g. 127.0.0.1:10443
  -u USERNAME  
  -p PASSWORD  

About

CVE-2018-13382

Resources

Releases

No releases published

Packages

No packages published

Languages