[FortiOS] Buffer overflow in SSL VPN through a crafted POST request Fortinet PSIRT Advisories Fortinet PSIRT Contact: Website: https://fortiguard.fortinet.com/faq/psirt-contact FG-IR-18-387 Final 1 1 2019-05-17T00:00:00 Current version 2019-05-17T00:00:00 2019-05-17T00:00:00 Failure to properly parse message payloads in the SSL VPN portal of FortiOS may allow a non-authenticated attacker to perform a Denial of Service attack via exploiting a buffer overflow. Denial of service FortiOS 6.0.0 to 6.0.4FortiOS 5.6.0 to 5.6.7FortiOS 5.4 and below Upgrade to FortiOS 5.6.8, 6.0.5 or 6.2.0Workarounds:Disable the SSL-VPN web portal service by applying the following CLI commands:For FortiOS 5.0 and below branches:config vpn ssl settingsset sslvpn-enable disableendFor FortiOS 5.2 and above branches:config vpn ssl settingsunset source-interfaceend Fortinet is pleased to thank Meh Chang and Orange Tsai from DEVCORE Security Research Team for reporting this vulnerability under responsible disclosure. CVE-2018-13381 5.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:F/RL:X/RC:X https://fortiguard.fortinet.com/psirt/FG-IR-18-387 [FortiOS] Buffer overflow in SSL VPN through a crafted POST request Reference>