Vulnerabilities (Page 5)

[Fortinet] Management Panel Authentication Bypass

Authentication to the Fortinet management panel for various applications could be bypassed by meeting two conditions: the resolved client-ip is 127.0.0.1 and the user-agent is Report Runner.

 

Got Follows Redirects to Unix Sockets

The title says pretty much all that you need to know: the got HTTP request library for Node will follow redirects to a Unix socket. So an attacker who can invoke a request (SSRF) to a server they control could redirect that request back towards a Unix socket on the local machine…

 