CVE-2023-27997 – FortiOS & FortiProxy – Heap buffer overflow in sslvpn pre-authentication

Please note the vulnerabilities in Fortinet products published in June. In particular, we would like to mention the vulnerability in FortiOS, which affects SSLVPN access and poses a major threat with a CVSSv3 score of 9.2. Fortinet PSIRT: https://www.fortiguard.com/psirt/FG-IR-23-097CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27997 Affected are FortiOS versions 6.0 to 7.2. Fortinet has already…

Loading

read more

CheatSheet FortiOS v7.2

We are happy to present you the new cheat sheet for FortiOS version 7.2. Most commands have remained the same.A bigger change is that the Packet Sniffer and the Debug Flow are now also available in the WebUI under Network > Diagnostics. We wish you good luck with troubleshooting.

Loading

read more

CVE-2022-40684 – Fortinet: Authentication bypass on administrative interface (HTTP/HTTPS) (Deutsch)

Englische Version: CVE-2022-40684 – Fortinet Authentication bypass on administrative interface (HTTP/HTTPS) (English) Sie haben sicherlich (und hoffentlich) die Informationen über die veröffentlichte Fortigate-Schwachstelle beim Zugriff auf die Administration gelesen und die entsprechenden Patches installiert. Wir haben alle Informationen hier noch einmal für Sie zusammengestellt.

Loading

read more

Fortigate: L2TP over IPsec configuration needs to be manually updated after upgrading from 6.4.x or 7.0.x

Fortinet has added a special note in the release notes of FortiOS 7.0 as follow: Source:https://docs.fortinet.com/document/fortigate/7.0.6/fortios-release-notes/927994/l2tp-over-ipsec-configuration-needs-to-be-manually-updated-after-upgrading-from-6-4-x-or-7-0-0-to-7-0-1-and-later Unfortunately the second point does not clearly state which policy exactly needs to be changed.Here is a screenshot of the changed policy: As you can see, the policy from the l2tp client to the…

Loading

read more

WatchGuard Launches PSIRT Page

WatchGuard’s Product Security Incident Response Team (PSIRT) has launched their public PSIRT page to provide a consolidated resource where network administrators can find advisories and information about security vulnerabilities in WatchGuard products, as well as WatchGuard’s investigations into industry-wide security issues that may impact WatchGuard products or services. The published…

Loading

read more

CheatSheet – PANOS 10.1

We have created a cheat sheet for Palo Alto firewalls with all important commands for troubleshooting.The cheat sheet was created for PANOS version 10.1. We have divided the cheat sheet into different sections like general commands, session debugging, service debugging and feature related debugging commands so that the needed commands…

Loading

read more