FortiWAN Multiple Vulnerabilities

FortiWAN Multiple Vulnerabilities Fortinet PSIRT Advisories Fortinet PSIRT Contact: Website: https://fortiguard.fortinet.com/faq/psirt-contact FG-IR-16-045 Final 1 1 2016-09-07T00:00:00 Current version 2016-09-07T00:00:00 2016-09-07T00:00:00 FortWan 4.2.4 and below is exposed to cross site scripting, information leak and escalation of privilege vulnerabilities.CVE-2016-4965: Non-administrative authenticated user having access privileges to the nslookup functionality can perform OS command injection in the root user contextCVE-2016-4966: Non-administrative authenticated userÃ‚Â having access privileges to change the HTTP Get param "UserName" to "Administrator" may access PCAP filesCVE-2016-4967: Non-administrative authenticated user may access configuration information and/or PCAP files via specific URLsCVE-2016-4968: Non-administrative authenticated user may obtain administrator cookie via specific GET requestsCVE-2016-4969: Persistent XSS XSS, information leak, escalation of privilege FortiWan 4.2.4 and below Upgrade to 4.2.5 or above https://fortiguard.fortinet.com/psirt/FG-IR-16-045 FortiWAN Multiple Vulnerabilities http://www.kb.cert.org/vuls/id/724487 http://www.kb.cert.org/vuls/id/724487 Reported by CERT/CC FortiWAN Multiple Vulnerabilities CVE-2016-4965 CVE-2016-4966 CVE-2016-4967 CVE-2016-4968 CVE-2016-4969 https://fortiguard.fortinet.com/psirt/FG-IR-16-045 FortiWAN Multiple Vulnerabilities Reference> http://www.kb.cert.org/vuls/id/724487 http://www.kb.cert.org/vuls/id/724487