Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site request forgery (CSRF) vulnerabilities in Fortinet FortiOS on FortiGate firewall devices before 4.3.13 and 5.x before 5.0.2 allow remote attackers to hijack the authentication of administrators for requests that modify (1) settings or (2) policies, or (3) restart the device via a rebootme action to system/maintenance/shutdown.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Fortinet FortiOS on FortiGate 多个跨站请求伪造漏洞
Vulnerability Description
Fortinet FortiOS是美国飞塔(Fortinet)公司开发的一套专用于FortiGate网络安全平台上的安全操作系统。该系统为用户提供防火墙、防病毒、IPSec/SSL VPN、Web内容过滤和反垃圾邮件等多种安全功能。 FortiGate防火墙设备4.3.12之前的版本和5.0.1及之前的5.x版本上的Fortinet FortiOS中存在多个跨站请求伪造漏洞。远程攻击者可通过重启防火墙利用该漏洞劫持管理员修改系统设置或防火墙策略、或重新启动设备的请求的身份认证。
CVSS Information
N/A
Vulnerability Type
N/A