CVE-2018-13379

CVE Database · CVE-2018-13379

CVE-2018-13379

· CRITICALAnalyzed

CVSS v3.1

9.1

EPSS

100.00%

Published

Jun 4, 2019

Modified

Oct 24, 2025

CISA Known Exploited Vulnerability

Added: 2021-11-03 · Due: 2022-05-03

Apply updates per vendor instructions.

Public PoC / Exploit (12)

All weaponized →

Exploit-DBFortinet FortiOS 5.6.3 - 5.6.7 / FortiOS 6.0.0 - 6.0.4 - Credentials Disclosure Exploit-DBFortinet FortiOS 5.6.3 - 5.6.7 / FortiOS 6.0.0 - 6.0.4 - Credentials Disclosure (Metasploit)NucleiNuclei detection template TrickestTrickest PoC index GitHub PoCmilo2012/CVE-2018-13379★253 GitHub PoCBlazz3/cve2018-13379-nmap-script★12 GitHub PoCZeop-CyberSec/fortios_vpnssl_traversal_leak★9 GitHub PoCB1anda0/CVE-2018-13379★8 GitHub PoC0xHunter/FortiOS-Credentials-Disclosure★6 GitHub PoCk4nfr3/CVE-2018-13379-Fortinet★6 GitHub PoCjpiechowka/at-doom-fortigate★5 GitHub PoCpwn3z/CVE-2018-13379-FortinetVPN★1

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

An Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to download system files via special crafted HTTP resource requests.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Weaknesses (CWE)

CWE-22CWE-22

Affected Products (5)

fortinet · fortiproxy (up to 1.2.9)vulnerable

fortinet · fortiproxyvulnerable

fortinet · fortios (up to 5.4.13)vulnerable

fortinet · fortios (up to 5.6.8)vulnerable

fortinet · fortios (up to 6.0.5)vulnerable

References (5)

https://fortiguard.com/advisory/FG-IR-18-384