Bleeping Computer

Fortinet fixes critical RCE flaws in FortiNAC and FortiWeb

FortiWeb is a web application firewall (WAF) solution designed to protect web apps and API from cross-site scripting (XSS), SQL injection, bot attacks, DDoS (distributed denial of service), and other ...
Bleeping Computer

New Fortinet FortiWeb hacks likely linked to public RCE exploits

Multiple Fortinet FortiWeb instances recently infected with web shells are believed to have been compromised using public exploits for a recently patched remote code execution (RCE) flaw tracked as ...
eWeek

Fortinet Updates FortiWeb Application Security Appliance

eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. Fortinet updated its FortiWeb security appliance to harden ...
CRN

Fortinet: ’Critical’ FortiWeb Vulnerability Exploited In Attacks

The cybersecurity vendor confirmed Friday that the flaw has been ‘exploited in the wild on FortiWeb.’ Fortinet confirmed Friday that a critical-severity vulnerability affecting its web application ...
Threat Post

Unpatched Fortinet Bug Allows Firewall Takeovers

The OS command-injection bug, in the web application firewall (WAF) platform known as FortiWeb, will get a patch this week. An unpatched OS command-injection security vulnerability has been disclosed ...
heise online

Patchday Fortinet: Unauthorized access to firewalls possible

Attackers can attack and access Fortinet firewalls. The provider of IT security solutions has also closed other vulnerabilities in various products. According to a warning message, a “critical” ...
heise online

Fortinet closes security leaks in several products

Fortinet has released security updates for several products. They close security gaps, some of which have been classified as critical risks. The most serious is a security vulnerability in FortiWeb.