Wednesday, 25 October 2017

Patch your Fortinet - CVE-2017-14182

A few weeks ago, during a pentest, I found that the tested Fortinet appliance was sometimes restarting... I wasn't sure about the reason, so I decided to contact Fortinet's PSIRT directly. The patch is ready, so below you will find a few details about it. Enjoy...

TL;DR ;]

The problematic request found during pentest:


Here you will find another one (copy/paste from Burp's 'fuzzing session' from Intruder):

The response (btw: you can also find this information in the Fortinet's logs in the webapp) should be similar to the one presented below:


As far as I know, for this bug we are reserving CVE-2017-14182.

I would like to thank Fortinet PSIRT for the great cooperation under responsible disclosure.

Cheers
