Rewterz Threat Alert – FormBook Malware – Active IOCs
February 2, 2022Rewterz Threat Advisory – Multiple Google Chrome Vulnerabilities
February 3, 2022Rewterz Threat Alert – FormBook Malware – Active IOCs
February 2, 2022Rewterz Threat Advisory – Multiple Google Chrome Vulnerabilities
February 3, 2022Severity
High
Analysis Summary
CVE-2021-42753
Fortinet FortiWeb could allow a remote authenticated attacker to traverse directories on the system, caused by improper validation of user requests. An attacker could send a specially-crafted URL request containing “dot dot” sequences (/../) in the device filesystem to delete arbitrary files on the system.
Impact
- Directory Traversal
Affected Vendors
Fortinet
Affected Products
- Fortinet Fortiweb
Remediation
Refer to FortiGuard Advisory for patch, upgrade or suggested workaround information.