RedPacket Security

InfoSec News & Tutorials

Vulnerabilities 

FortSIEM <= 5.2.8 RCE due to EL Injection – analysis

admin , , , , , , , , ,
Click the icon to Follow me:- twitterTelegramRedditDiscord

Posted by Red Timmy Security on Oct 06

On June 21st 2020 Fortinet has released a security bulletin for its
FortiSIEM product: https://www.fortiguard.com/psirt/FG-IR-20-041. All
versions of the product equal to/minor than 5.2.8 are vulnerable to an
unauthorized remote command execution via Expression Language injection.
The affected component, found and reported by Code White guys, is an old
acquaintance of ours: the infamous java library Richfaces.

7 months ago we have publicly…

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Patreon

Original Source

You May Also Like

osint

secuvera-SA-2020-01: Broken Object Level Authorization Vulnerability in OvulaRing-Webapplication

admin
1f440

Phorpiex botnet shuts down and authors put source code for sale

admin
osint

Hackers compromised Microsoft Exchange servers at the EU Banking Regulator EBA

admin
Available for Amazon Prime