Node.js crash over administrative interface


An improper check or handling of exceptional conditions vulnerability [CWE-703] in FortiOS version 7.4.1 may allow an unauthenticated attacker to perform a temporary denial of service attack on the administrative interface via crafted HTTP requests.

Version Affected Solution
FortiOS 7.4 7.4.1 Upgrade to 7.4.2 or above
Follow the recommended upgrade path using our tool at:


Internally discovered and reported by Theo Leleu of Fortinet Product Security team.


2024-05-14: Initial publication