← ExploitWatch
HomeExploited Vulnerabilities

CVE-2018-13379 — Actively Exploited: FortiOS (Fortinet)

Fortinet FortiOS SSL VPN web portal contains a path traversal vulnerability that may allow an unauthenticated attacker to download FortiOS system files through specially crafted HTTP resource requests.

CVE IDCVE-2018-13379
VendorFortinet
ProductFortiOS
Vulnerability nameFortinet FortiOS SSL VPN Path Traversal Vulnerability
Date added2021-11-03
Remediation due2022-05-03
Known ransomware useKnown
Required actionApply updates per vendor instructions.
DescriptionFortinet FortiOS SSL VPN web portal contains a path traversal vulnerability that may allow an unauthenticated attacker to download FortiOS system files through specially crafted HTTP resource requests.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →