FortiWeb flaw allows full authentication bypass; researcher is preparing to publish the exploit code
A vulnerability discovered in Fortinet’s web application firewall, FortiWeb, and tracked as CVE-2025-52970 allows attackers to bypass authentication completely.
This critical vulnerability in Fortinet's FortiWeb product allows attackers to impersonate any user, even administrators.
Technical details of the vulnerability
The flaw, named “FortMajeure” by researcher Aviv Y, stems from an out-of-bounds read bug in FortiWeb's cookie parsing. By assigning an unexpected value to the Era parameter, the attacker causes the server to use a secret key consisting entirely of zeros. This makes it easy to forge authentication cookies.
In order to exploit the vulnerability, the target user must be actively signed in.
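The root cause described above can be shown with a simplified model, added here as an illustration; it is not FortiWeb code and not the researcher's PoC. The key-table layout, the use of HMAC-SHA256 and the cookie fields are assumptions made for the example. It places an unchecked key lookup next to one that validates the index, which is the check that closes this class of bug.

```python
import hashlib
import hmac
import os

KEY_LEN = 32
NUM_KEYS = 2  # valid era values in this model: 0 and 1

# Constructed stand-in for process memory: two random keys followed by
# zero-filled bytes that an unchecked index can reach.
MEMORY = bytearray(os.urandom(KEY_LEN * NUM_KEYS) + bytes(KEY_LEN * 6))

def sign(era: int, payload: bytes, key: bytes) -> bytes:
    """MAC over the era and the payload, as a signed cookie would carry."""
    return hmac.new(key, era.to_bytes(2, "big") + payload, hashlib.sha256).digest()

def key_for_era_unchecked(era: int) -> bytes:
    """Flawed lookup: era comes from the cookie and is used as an index as-is."""
    return bytes(MEMORY[era * KEY_LEN:(era + 1) * KEY_LEN])

def key_for_era_checked(era: int) -> bytes:
    """Hardened lookup: reject any era outside the configured key table."""
    if not 0 <= era < NUM_KEYS:
        raise ValueError("era out of range")
    return bytes(MEMORY[era * KEY_LEN:(era + 1) * KEY_LEN])

def verify(era: int, payload: bytes, tag: bytes, lookup) -> bool:
    """Return True only if the tag matches the key selected by era."""
    try:
        expected = sign(era, payload, lookup(era))
    except (ValueError, OverflowError):
        return False
    return hmac.compare_digest(expected, tag)

def demo() -> dict:
    payload = b"user=admin"  # constructed sample payload
    # Tag computed without any server secret: the key is 32 zero bytes.
    tag = sign(5, payload, bytes(KEY_LEN))
    legit = sign(0, payload, key_for_era_checked(0))
    return {
        "unchecked_accepts_zero_key": verify(5, payload, tag, key_for_era_unchecked),
        "checked_accepts_zero_key": verify(5, payload, tag, key_for_era_checked),
        "checked_accepts_legit": verify(0, payload, legit, key_for_era_checked),
    }
```

In this model the unchecked lookup accepts a tag made with a key the signer could predict, while the checked lookup rejects it and still accepts cookies signed with a real key.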
Affected versions and patches
The vulnerability affects FortiWeb versions 7.0 through 7.6.
Patched versions:
- FortiWeb 7.6.4 and above
- FortiWeb 7.4.8 and above
- FortiWeb 7.2.11 and above
- FortiWeb 7.0.11 and above
FortiWeb 8.0 versions are not affected by this vulnerability.
Researcher's decision
Aviv Y shared a PoC demonstrating the core of the vulnerability, but did not publish the full exploit chain beyond administrator impersonation via a REST endpoint.
According to the researcher, the withheld details mean that even knowledgeable attackers cannot develop a complete exploit on their own.
Source: CUMHA - CUMHUR HABER AJANSI


