Threat Intelligence / CVE / CVE-2018-13379
CVE-2018-13379
CISA KEVRansomwareAn Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to download system files via special crafted HTTP resource requests.
CVSS v3 vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Weaknesses (CWE)
CWE-22
Threats tracking this CVE
- Static Tundra (Dragonfly/Energetic Bear) ICS Attacks on Polish Energy Infrastructure — CRITICAL
- Static Tundra ICS Attacks on Polish Energy Infrastructure with DynoWiper — CRITICAL
References
- https://fortiguard.com/advisory/FG-IR-18-384
- https://www.fortiguard.com/psirt/FG-IR-20-233
- https://fortiguard.com/advisory/FG-IR-18-384
- https://www.fortiguard.com/psirt/FG-IR-20-233
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-13379
Full detection coverage & IOCs for threats exploiting CVE-2018-13379 are available via the Threadlinqs MCP server (Purple tier). View plans →