E19-5k771
CVSS:
9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
False Positive:
f
Variants:
2
Year:
2018
Description
This strike replicates a directory traversal attack on Fortinet FortiOS.
The vulnerability resides in the '/remote/fgt_lang' endpoint and affects product versions 5.6.3 to 5.6.7 and 6.0.0 to 6.0.4.
By exploiting this flaw, a remote unauthenticated attacker may take over the device and perform attacks such as DNS hijacks.