Vulnerability identifier: #VU18607

Vulnerability risk: High

CVSSv3.1: 8.2 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L/E:H/RL:O/RC:C]

CVE-ID: CVE-2018-13382

CWE-ID: CWE-285

Exploitation vector: Network

Exploits in database: 3

• April 30, 2021
  • exploit-fortinetmagicbackdoor (PoC for CVE-2018-13382) [Github]
• November 20, 2020
  • Fortinet FortiOS 6.0.4 - Unauthenticated SSL VPN User Password Modification [Exploit-DB]
• March 18, 2020
  • exploits (Some personal exploits/pocs) [Github]

Impact: Information disclosure and data manipulation

Vulnerable software:
FortiOS
Operating systems & Components / Operating system

Vendor: Fortinet, Inc