Request a Demo
Rewterz
Rewterz Threat Alert – Money Taker(Threat Actor) Activity Targeting Russian Federation Financial Sector
May 24, 2019
Rewterz
Rewterz Threat Advisory – CVE-2019-1769 – Cisco NX-OS Software Line Card Command Injection Vulnerability
May 29, 2019

Rewterz Threat Advisory – CVE-2019-5586 & CVE-2019-5588 – Fortinet FortiOS Cross-Site Scripting Vulnerabilities

Severity

Medium

Analysis Summary

Failure to sanitize input in the SSL VPN web portal may allow an attacker to perform a reflected Cross-site Scripting (XSS) attack via multiple parameters of the error page HTTP request.

Impact

Cross Site Scripting

Affected Vendors

Fortinet

Affected Products

  • FortiOS 5.2.0 to 6.0.4
  • FortiOS 6.0.0 to 6.0.4

Remediation

Upgrade to FortiOS 6.0.5 or 6.2.0.