Bleeping Computer

Researcher to release exploit for full auth bypass on FortiWeb

A security researcher has released a partial proof of concept exploit for a vulnerability in the FortiWeb web application firewall that allows a remote attacker to bypass authentication. The flaw was ...
Bleeping Computer

New Fortinet FortiWeb hacks likely linked to public RCE exploits

Multiple Fortinet FortiWeb instances recently infected with web shells are believed to have been compromised using public exploits for a recently patched remote code execution (RCE) flaw tracked as ...
Dark Reading

Critical Fortinet FortiWeb WAF Bug Exploited in the Wild

A critical Fortinet FortiWeb vulnerability capable of remote code execution has been exploited in the wild. Because the vulnerability is capable of remote code execution in a pre-authentication state ...