PSIRT

FortiWeb multiple vulnerabilities

Description

Older versions of FortiWeb are subject to three vulnerabilities:
1. OS command injection: A WebUI administrator user may run system commands when executing a report
2. Reflected XSS: A WebUI administrator user may perform a reflected XSS attack via an improperly sanitized parameter in the FortiWeb auto update service page
3. Password field with autocomplete enabled: The WebUI FTP backup page contains a password field with HTML form autocomplete enabled

Affected Products

The Reflected XSS impacts FortiWeb versions between 5.0.0 and 5.3.4 included.
The OS command injection and the password field with autocomplete enabled impact all supported FortiWeb versions lower than 5.3.5.

Solutions

Upgrade to FortiWeb 5.3.5 or higher.
Workaround:
Associate administrators to a limited access profile with none or read-only privileges for the following pages:
- Maintenance
- System Configuration
- Log & report

IR Number	FG-IR-15-010
Date	Apr 16, 2015
Severity	Low
Impact	XSS, OS command injection, autocomplete in html form
CVRF	Download

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

PSIRT

FortiWeb multiple vulnerabilities

Description

Affected Products

Solutions

News/Research

Research Center

PSIRT Center

Services

By Outbreak

By Solution

By Product

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

Threat Intelligence Center

Resource Center

About

FortiGuard Labs

Partners

PSIRT

FortiWeb multiple vulnerabilities

Description

Affected Products

Solutions

Threat Intelligence
Center