PSIRT Advisories

The FortiGuard Labs Product Security Incident Response Team (PSIRT) continually test Fortinet hardware and software products, looking for vulnerabilities and weaknesses. Any such findings are fed back to Fortinet's development teams and serious issues are described along with protective solutions in the advisories below.

FortiOS XSS vulnerabilities via FortiView Application filter, FortiToken activation & SSL VPN Replacement Messages

Three XSS vulnerabilities one via the the filter input in "Applications" under FortiView (CVE-2017-3131)the second via the action...

Jul 28, 2017 Risk

IR Number: FG-IR-17-104

LibGD security advisory [18 January 2017]

The LibGD project released advisories on January 18th, 2017, July 22nd, 2016 and June 25th, 2016 describing 12 vulnerabilities,...

Jul 26, 2017 Risk

IR Number: FG-IR-17-051

FortiWLM upgrade user account hard-coded credentials

FortiWLM has a hard-coded password for its "upgrade" user account, which it uses to transfer files to and from the FortiWLC controller....

Jun 30, 2017 Risk

IR Number: FG-IR-17-115

Refine RESET

PSIRT Advisories

Refine
RESET