CVE-2018-13379

Description from NVD

An Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to download system files via special crafted HTTP resource requests.

Information Acquisition Date:2022-03-20T14:48Z
CVSS 2.0: 5.0 MEDIUM CVSS 3.x: 9.8 CRITICAL

▼ CVSS3 Vec CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

▼ CVSS2 Vec AV:N/AC:L/Au:N/C:P/I:N/A:N

NVD References

 https://fortiguard.com/advisory/FG-IR-18-384
     source:CONFIRM
     tags:Mitigation    Vendor Advisory    
 https://www.fortiguard.com/psirt/FG-IR-20-233
     source:CONFIRM
     tags:

Description from Forti

FortiOS system file leak through SSL VPN via specially crafted HTTP resource requests

This indicates an attack attempt to exploit an Information Disclosure Vulnerability in FortiOS.The vulnerability is due to an error in the vulnerable application when handling a malicious request. An unauthenticated attacker can exploit this to access sensitive information on the affected machine via a crafted request.

Information Acquisition Date:2020/12/01

Affected Products

FortiOS 6.0 - 6.0.0 to 6.0.4

Impact

Information Disclosure

Recommended Actions

Refer to the vendor's advisory for updates:
https://fortiguard.com/psirt/FG-IR-18-384

References

None

Refer to Information on External Sites

CVE InfomationExploits or more Infomation
mitreEXPLOIT DATABASE
NVD0day.today
vulmon.comgithub
CVE DetailsTwitter
JVN ENG JPN
Reconshell

Software Tag:

List of frequently cited URLs

URLNum of Times Referred to
https://alerts.vulmon.com/?utm_source=twitter&utm_medium=so...194
https://lists.astaro.com/ASGV9-IPS-rules.html54
https://cvetrends.com49
http://mi6rogue.com/news6
https://cloudsek.com/threatintelligence/fortinet-ssl-vpn-vu...5
https://twitter.com/search?src=sprv&q=CVE-2018-133794
https://www.ic3.gov/Media/News/2021/210402.pdf4
https://www.tenable.com/blog/cve-2018-13379-cve-2019-5591-c...4
https://awakesecurity.com/blog/exploiting-cve-2018-13379-a-...4
https://www.incibe-cert.es/alerta-temprana/vulnerabilidades...4
https://bit.ly/3t3mpim3
https://ift.tt/3tIcakN3
https://zero.bs/sb-2031-ips-and-datasets-for-49k-fortinet-v...3
https://github.com/anasbousselham/fortiscan3
https://www.fbi.gov/news/pressrel/press-releases/russian-fo...3
https://www.zdnet.com/article/hacker-groups-chain-vpn-and-w...3
https://fortiguard.com/encyclopedia/ips/483213
https://www.nisc.go.jp/active/infra/pdf/fortinet20201203.pdf3
https://therecord.media/new-cring-ransomware-deployed-via-u...3
https://news.yahoo.co.jp/byline/ohmototakashi/20201128-0021...3
https://us-cert.cisa.gov/ncas/alerts/aa20-283a3
https://www.fortinet.com/blog/business-and-technology/updat...3
https://www.jpcert.or.jp/newsflash/2020112701.html3
https://xtech.nikkei.com/atcl/nxt/column/18/00001/069273
https://securityaffairs.co/wordpress/116480/cyber-crime/cri...3
https://www.checkpoint.com/defense/advisories/public/2019/c...3
https://www.fortinet.co.jp/blog/business-and-technology/upd...3
https://www.proofpoint.com/us/daily-ruleset-update-summary-...3
https://ics-cert.kaspersky.com/reports/2021/04/07/vulnerabi...3
https://www.bleepingcomputer.com/news/security/hacker-posts...3

Information from Twitter

User URL Info Source Date
autumn_good_35 https://twitter.com/autumn_good_35/status/1493756896230395904 Source autumn_good_35   1639124826458820609 2023/03/24

List of frequently cited URLs

URLNum of Times Referred to
alerts.vulmon.com194
lists.astaro.com54
cvetrends.com49
mi6rogue.com6
cloudsek.com5
twitter.com4
www.ic3.gov4
www.tenable.com4
awakesecurity.com4
www.incibe-cert.es4
bit.ly3
ift.tt3
zero.bs3
github.com3
www.fbi.gov3
www.zdnet.com3
fortiguard.com3
www.nisc.go.jp3
therecord.media3
news.yahoo.co.jp3
us-cert.cisa.gov3
www.fortinet.com3
www.jpcert.or.jp3
xtech.nikkei.com3
securityaffairs.co3
www.checkpoint.com3
www.fortinet.co.jp3
www.proofpoint.com3
ics-cert.kaspersky.com3
www.bleepingcomputer.com3

Information from Twitter

User URL Info Source
autumn_good_35 twitter.com Show Tweet
GitHub Search Results: Up to 10
NameURL
milo2012/CVE-2018-13379 https://github.com/milo2012/CVE-2018-13379
0xHunter/FortiOS-Credentials-Disclosure https://github.com/0xHunter/FortiOS-Credentials-Disclosure
Blazz3/cve2018-13379-nmap-script https://github.com/Blazz3/cve2018-13379-nmap-script
B1anda0/CVE-2018-13379 https://github.com/B1anda0/CVE-2018-13379
yukar1z0e/CVE-2018-13379 https://github.com/yukar1z0e/CVE-2018-13379
k4nfr3/CVE-2018-13379-Fortinet https://github.com/k4nfr3/CVE-2018-13379-Fortinet
pwn3z/CVE-2018-13379-FortinetVPN https://github.com/pwn3z/CVE-2018-13379-FortinetVPN
Zeop-CyberSec/fortios_vpnssl_traversal_leak https://github.com/Zeop-CyberSec/fortios_vpnssl_traversal_leak
jpiechowka/at-doom-fortigate https://github.com/jpiechowka/at-doom-fortigate
hackingyseguridad/directoriotraversal https://github.com/hackingyseguridad/directoriotraversal
GitHub Search Results: Up to 10
NameURL
milo2012/CVE-2018-13379 github.com
0xHunter/FortiOS-Credentials-Disclosure github.com
Blazz3/cve2018-13379-nmap-script github.com
B1anda0/CVE-2018-13379 github.com
yukar1z0e/CVE-2018-13379 github.com
k4nfr3/CVE-2018-13379-Fortinet github.com
pwn3z/CVE-2018-13379-FortinetVPN github.com
Zeop-CyberSec/fortios_vpnssl_traversal_leak github.com
jpiechowka/at-doom-fortigate github.com
hackingyseguridad/directoriotraversal github.com
2023/03/28 Score : 0
Added Har-sia Database : 2020/02/17
Last Modified : 2023/03/28
Highest Scored Date : 2021/04/09
Highest Score : 35