"Vulnerabilities in Fortinet WAF Can Expose Corporate Networks to Attacks"
Fortinet has released advisories about potentially serious vulnerabilities found in its FortiWeb Web Application Firewall (WAF). According to Andrey Medov, the lead security researcher at Positive Technologies who discovered the vulnerabilities, the exploitation of these flaws could lead to the exposure of corporate networks to attacks. FortiWeb is vulnerable to buffer overflows and a blind SQL injection that could allow threat actors to execute Denial-of-Service (DoS) attacks and unauthorized code or commands. This article continues to discuss the discovery, disclosure, and potential impact of vulnerabilities in the FortiWeb administration interface.
Security Week reports "Vulnerabilities in Fortinet WAF Can Expose Corporate Networks to Attacks"