FortSIEM <= 5.2.8 RCE due to EL Injection – analysis

Click the icon to Follow me:- twitterTelegramRedditDiscord

Posted by Red Timmy Security on Oct 06

On June 21st 2020 Fortinet has released a security bulletin for its
FortiSIEM product: https://www.fortiguard.com/psirt/FG-IR-20-041. All
versions of the product equal to/minor than 5.2.8 are vulnerable to an
unauthorized remote command execution via Expression Language injection.
The affected component, found and reported by Code White guys, is an old
acquaintance of ours: the infamous java library Richfaces.

7 months ago we have publicly…

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Patreon

Original Source
Available for Amazon Prime