Description
According to Fortinet's report, the FortiNAC web server is vulnerable to unauthenticated arbitrary file upload due to a directory traversal vulnerability that occurs when unpacking a user-provided zip file at the endpoint /configWizard/keyUpload.jsp. The following versions are affected:
- FortiNAC version 9.4.0
- FortiNAC version 9.2.0 through 9.2.5
- FortiNAC version 9.1.0 through 9.1.7
- FortiNAC versions 8.3 through 8.8
Remediation
Upgrade to a fixed release:
- FortiNAC version 9.4.1 or above
- FortiNAC version 9.2.6 or above
- FortiNAC version 9.1.8 or above
- FortiNAC version 7.2.0 or above