Skip to content

milo2012/CVE-2018-13382

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

12 Commits
CVE-2018-13382.py
CVE-2018-13382.py
 
 
README.md
README.md
 
 
magic_backdoor.png
magic_backdoor.png
 
 
magic_backdoor1.png
magic_backdoor1.png
 
 

Repository files navigation

CVE-2018-13382

CVE-2018-13382

https://devco.re/blog/2019/08/09/attacking-ssl-vpn-part-2-breaking-the-Fortigate-ssl-vpn/

An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.8 and 5.4.1 to 5.4.10 under SSL VPN web portal allows an unauthenticated attacker to modify the password of an SSL VPN web portal user via specially crafted HTTP requests.

alt text

$ python CVE-2018-13382.py  -h
Usage: CVE-2018-13382.py [options]

Options:
  -h, --help   show this help message and exit
  -i IP        e.g. 127.0.0.1:10443
  -u USERNAME  
  -p PASSWORD

About

CVE-2018-13382

Resources

Readme
Activity

Stars

145 stars

Watchers

7 watching

Forks

55 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages