all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Fortinet FortiWLM Deep-Dive, IOCs, and the Almost Story of the “Forti Forty”

Add to bookmarks
March 14, 2024, 9:45 a.m. | Zach Hanley

Security Boulevard securityboulevard.com

Earlier this year, soon after reproducing a remote code execution vulnerability for the Fortinet FortiNAC, I was on the hunt for a set of new research targets. Fortinet seemed like a decent place to start given the variety of lesser-known security appliances I had noticed while searching for the FortiNAC firmware. The first target I landed on was the Fortinet Wireless LAN Manager (WLM). The security audit of this appliance began what became the successful, but failed journey of what …

attack blogs code code execution disclosures dive fortinac fortinet fortinet fortinac hunt iocs remote code remote code execution research security start story vulnerability

Visit resource

More from securityboulevard.com / Security Boulevard

What Would a TikTok Ban Mean? 8 hours ago | securityboulevard.com
app ban biden bill +9
RSAC 2024 Innovation Sandbox | Antimatter: A Comprehensive Data Security Management Tool 18 hours ago | securityboulevard.com
antimatter benchmark blog conference +24
USENIX Security ’23 – Beyond Typosquatting: An In-depth Look at Package Confusion 1 day, 3 hours ago | securityboulevard.com
access authors beyond conference +19
Breaking Down Cybersecurity: The Real Meaning Behind the Jargon 1 day, 8 hours ago | securityboulevard.com
authenticity availability breaking cia +19
What is General Data Protection Regulation Act (GDPR)? 1 day, 9 hours ago | securityboulevard.com
act adoption center challenges +32
RSAC 2024 Innovation Sandbox | Bedrock Security: A Seamless and Efficient Data Security Solution 1 day, 11 hours ago | securityboulevard.com
bedrock bedrock security benchmark blog +20
Cloud Monitor Automation Improves K-12 Cybersecurity Training & Awareness 1 day, 19 hours ago | securityboulevard.com
automation awareness chief cloud +28
USENIX Security ’23 – UVSCAN: Detecting Third-Party Component Usage Violations in IoT Firmware 1 day, 23 hours ago | securityboulevard.com
access authors conference events +15
Local Privilege Escalation Vulnerability in Ant Media Server (CVE-2024-32656) 2 days ago | securityboulevard.com
ant application customers cve +21

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Lead Technical Product Manager - Threat Protection

@ Mastercard | Remote - United Kingdom
View on infosec-jobs.com

Data Privacy Officer

@ Banco Popular | San Juan, PR
View on infosec-jobs.com

GRC Security Program Manager

@ Meta | Bellevue, WA | Menlo Park, CA | Washington, DC | New York City
View on infosec-jobs.com

Cyber Security Engineer

@ ASSYSTEM | Warrington, United Kingdom
View on infosec-jobs.com

Privacy Engineer, Technical Audit

@ Meta | Menlo Park, CA
View on infosec-jobs.com
View more jobs