GitHub - milo2012/CVE-2018-13382: CVE-2018-13382
2019-08-16 07:30:08 Author: github.com(查看原文) 阅读量:364 收藏

Join GitHub today

GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.

Sign up

Python

CVE-2018-13382

https://devco.re/blog/2019/08/09/attacking-ssl-vpn-part-2-breaking-the-Fortigate-ssl-vpn/

An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.8 and 5.4.1 to 5.4.10 under SSL VPN web portal allows an unauthenticated attacker to modify the password of an SSL VPN web portal user via specially crafted HTTP requests.

alt text

$ python CVE-2018-13382.py  -h
Usage: CVE-2018-13382.py [options]

Options:
  -h, --help   show this help message and exit
  -i IP        e.g. 127.0.0.1:10443
  -u USERNAME  
  -p PASSWORD

文章来源: https://github.com/milo2012/CVE-2018-13382
如有侵权请联系:admin#unsafe.sh