Fortinet released a security advisory on 27th April 2021 addressing a vulnerability in FortiWAN version 4.5.7 and prior.
The vulnerability stems from an error in the authentication process that can be reached through a relative path traversal flaw (CWE-23) in FortiWAN. It may allow a remote, unauthenticated attacker to delete system files by sending a crafted HTTP POST request containing directory traversal sequences. Deleting specific configuration files could cause the administrator account's password to be reset, reverting it to a default value.
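The attack path above is a POST request carrying directory traversal sequences. As an added detection example (not from the advisory or from Fortinet), the following scans a constructed web access log for POST requests whose URL still contains `../` after percent-decoding, so that single- and double-encoded variants are not missed; the log format and the `/example/delete` endpoint are placeholders, not FortiWAN's real paths.

```python
import re
from urllib.parse import unquote

# Constructed sample access-log lines (method, path, protocol, status);
# the endpoint and file names are placeholders, not real FortiWAN paths.
SAMPLE_LOG = """\
POST /login HTTP/1.1 200
POST /example/delete?file=../../../etc/config HTTP/1.1 200
POST /example/delete?file=%2e%2e%2f%2e%2e%2fetc%2fconfig HTTP/1.1 200
GET /static/app.js HTTP/1.1 200
POST /example/delete?file=..%252f..%252fconfig HTTP/1.1 200
"""

# A ".." segment followed by a path separator (or at end of string).
TRAVERSAL = re.compile(r"\.\.([/\\]|$)")


def normalize(path: str, rounds: int = 3) -> str:
    """Percent-decode repeatedly (up to `rounds` times) so that double-encoded
    sequences such as %252e are exposed, then fold backslashes to slashes."""
    for _ in range(rounds):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path.replace("\\", "/")


def has_traversal(path: str) -> bool:
    """True if the normalized path contains a directory traversal sequence."""
    return TRAVERSAL.search(normalize(path)) is not None


def flag_traversal_posts(log_text: str) -> list:
    """Return (line_number, raw_path) for each POST whose URL contains traversal."""
    hits = []
    for n, line in enumerate(log_text.splitlines(), 1):
        parts = line.split()
        if len(parts) < 2:
            continue
        method, path = parts[0], parts[1]
        if method == "POST" and has_traversal(path):
            hits.append((n, path))
    return hits
```

Lines 2, 3 and 5 of the sample are flagged; the plain `/login` POST and the GET are not.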
- FortiWAN version 4.5.7 and prior
- It is recommended that you upgrade your FortiWAN to the upcoming version 4.5.8 or above, or to 5.1.1 or above.
- Restrict administrative access from any source to local host only.
For further information on this vulnerability, kindly follow the URL below:
The Guyana National CIRT recommends that users and administrators review this alert and apply it where necessary.
- Fortinet Security Advisory (27th April 2021). Retrieved from the Canadian Centre for Cyber Security.
- Authentication bypass in FortiWAN (28th April 2021). Retrieved from CyberSecurityHelp.