Description
Fortinet released a security advisory on 27th April 2021 addressing a vulnerability in FortiWAN version 4.5.7 and prior.
Summary
The vulnerability stems from an error in the authentication process and can be exploited through a relative path traversal vulnerability (CWE-23) in FortiWAN. It may allow a remote, unauthenticated attacker to delete system files by sending a crafted HTTP POST request containing directory traversal sequences. Deleting specific configuration files could reset the administrator account password, which would then revert to its default value.
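The following Python sketch is an added example, not code from Fortinet or from this alert. It shows the CWE-23 pattern described above next to a containment check that a file-delete handler can apply. The directory layout, file names and function names are constructed for illustration and do not reflect FortiWAN internals.

```python
import os
import tempfile
from pathlib import Path


def naive_target(base: Path, name: str) -> Path:
    """CWE-23 pattern: joins the client-supplied name without checking the result."""
    return Path(os.path.normpath(base / name))


def safe_target(base: Path, name: str) -> Path:
    """Resolve the name under base and refuse anything that lands outside it."""
    base = base.resolve()
    candidate = (base / name).resolve()  # collapses ../ and follows symlinks
    if candidate == base or base not in candidate.parents:
        raise PermissionError(f"path escapes {base}: {name!r}")
    return candidate


def delete_upload(base: Path, name: str) -> None:
    """Delete handler that only ever unlinks files inside base."""
    safe_target(base, name).unlink()


def demo() -> dict:
    """Constructed layout: an uploads dir beside a config file that must survive."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp).resolve()
        uploads = root / "uploads"
        uploads.mkdir()
        config = root / "admin.conf"  # constructed stand-in for a config file
        config.write_text("admin credentials\n")
        (uploads / "report.txt").write_text("x")

        crafted = "../admin.conf"  # constructed traversal value
        result = {"naive_escapes": naive_target(uploads, crafted) == config}
        try:
            delete_upload(uploads, crafted)
            result["blocked"] = False
        except PermissionError:
            result["blocked"] = True
        delete_upload(uploads, "report.txt")  # legitimate request still works
        result["config_survives"] = config.exists()
        result["upload_deleted"] = not (uploads / "report.txt").exists()
        return result


if __name__ == "__main__":
    print(demo())
```

The check runs on the fully resolved path, so absolute paths and symlinks that point outside the base directory are rejected along with `../` sequences.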
Product Affected:
SOLUTIONS:
For further information on this vulnerability, see the following URL:
https://www.fortiguard.com/psirt/FG-IR-21-048
The Guyana National CIRT recommends that users and administrators review this alert and apply it where necessary.
References
https://cyber.gc.ca/en/alerts/fortinet-security-advisory-7