FortiProxy SSL-VPN Improper Access Control vulnerability through the Quick connection functionality
Summary
An improper access control vulnerability in FortiProxy SSL VPN portal may allow an authenticated, remote attacker to access internal service such as the ZebOS Shell on the FortiProxy appliance through the Quick Connection functionality.Affected Products
FortiProxy version 2.0.0FortiProxy versions 1.2.9 and below.
FortiProxy versions 1.1.6 and below.
FortiProxy versions 1.0.7 and below.