Description
According to Fortinet's advisory, the FortiNAC web server is vulnerable to an unauthenticated arbitrary file write. The endpoint /configWizard/keyUpload.jsp accepts a user-supplied zip file and unpacks it without validating the path of each entry, so an entry whose name contains directory-traversal sequences (for example `../`) is written outside the intended extraction directory, to a location of the attacker's choosing, with no credentials required. The following versions are affected:
- FortiNAC version 9.4.0
- FortiNAC version 9.2.0 through 9.2.5
- FortiNAC version 9.1.0 through 9.1.7
- FortiNAC versions 8.3 through 8.8
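The bug class described above is commonly called "zip slip": an extractor joins each archive entry name to the destination directory without checking where the result resolves. The following is an added Python example, not FortiNAC's code and not an exploit for it, that builds a constructed sample archive with a traversing entry, shows a naive extractor writing outside its target directory, and shows the check a hardened extractor (or an upload gateway) should run before unpacking. Python's own `ZipFile.extract` strips traversal components, which is why the vulnerable loop is written by hand here; the `/srv/upload` destination and the entry names are illustrative values only.

```python
"""Zip slip: path traversal while unpacking an untrusted zip file."""
from __future__ import annotations

import io
import os
import tempfile
import zipfile


def build_malicious_zip() -> bytes:
    """Constructed sample archive (not a real exploit payload).

    One benign entry plus one whose name climbs out of the extraction
    directory with ../ components.
    """
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("config/key.pem", "-----BEGIN KEY-----\n")
        zf.writestr("../../escaped.txt", "written outside the target\n")
    return buf.getvalue()


def traversal_entries(zip_bytes: bytes, dest: str) -> list[str]:
    """Names of entries that would resolve to a path outside dest."""
    dest_real = os.path.realpath(dest)
    bad = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for name in zf.namelist():
            # join + realpath also catches absolute names such as /etc/passwd,
            # because os.path.join discards dest when name is absolute
            target = os.path.realpath(os.path.join(dest_real, name))
            # commonpath, not startswith: /srv/upload must not accept
            # /srv/upload-evil/x as "inside" the destination
            if os.path.commonpath([dest_real, target]) != dest_real:
                bad.append(name)
    return bad


def unsafe_extract(zip_bytes: bytes, dest: str) -> list[str]:
    """Naive extractor of the kind the advisory describes (hypothetical code,
    not FortiNAC's): the entry name is joined to dest with no validation."""
    written = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            path = os.path.join(dest, info.filename)   # traversal happens here
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with zf.open(info) as src, open(path, "wb") as dst:
                dst.write(src.read())
            written.append(os.path.realpath(path))
    return written


def safe_extract(zip_bytes: bytes, dest: str) -> list[str]:
    """Hardened variant: refuse the whole archive if any entry escapes dest."""
    bad = traversal_entries(zip_bytes, dest)
    if bad:
        raise ValueError(f"zip slip attempt, archive rejected: {bad}")
    return unsafe_extract(zip_bytes, dest)


def demo() -> dict:
    """Run both extractors against the sample in a scratch directory."""
    archive = build_malicious_zip()
    with tempfile.TemporaryDirectory() as root:
        root = os.path.realpath(root)
        dest = os.path.join(root, "a", "b")   # two levels deep so ../../ lands in root
        os.makedirs(dest)
        written = unsafe_extract(archive, dest)
        escaped = [p for p in written if os.path.commonpath([dest, p]) != dest]
        try:
            safe_extract(archive, dest)
            blocked = False
        except ValueError:
            blocked = True
    return {
        "flagged_entries": traversal_entries(archive, "/srv/upload"),
        "escaped_files": [os.path.relpath(p, root) for p in escaped],
        "safe_extract_blocked": blocked,
    }


if __name__ == "__main__":
    print(demo())
```

Two practical caveats: the check must be run on every entry before anything is written, since rejecting the archive after a partial extraction leaves the escaped file in place; and entry names are only one escape route, so an extractor should also refuse symlink entries (visible in `ZipInfo.external_attr`) that could redirect a later, apparently safe, entry outside the destination. Because the traversal sits inside a compressed upload body, a WAF rule on the request path alone does not reliably catch it, which is why the vendor fix (validating entries at extraction time) is the control that matters.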
Remediation
Upgrade to the fixed release for the affected branch:
- FortiNAC 9.4.0: upgrade to version 9.4.1 or above
- FortiNAC 9.2.0 through 9.2.5: upgrade to version 9.2.6 or above
- FortiNAC 9.1.0 through 9.1.7: upgrade to version 9.1.8 or above
- FortiNAC 8.3 through 8.8: upgrade to version 7.2.0 or above (the 7.2 release line is the upgrade path Fortinet's advisory gives for the 8.x branches, despite its lower version number)
References
Related Vulnerabilities
Umbraco CMS TemplateService remote code execution
Reflected Cross-Site Scripting (XSS) vulnerability in PAN-OS management web interface
Drupal Core Remote Code Execution (8.0.0 - 9.2.21)
WordPress Plugin Gutenberg Block Editor Toolkit-EditorsKit Remote Code Execution (1.31.5)
ManageEngine Desktop Central Deserialization RCE (CVE-2020-10189)