all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Multiple Vulnerabilities in FortiWeb could allow for Arbitrary Code Execution

Add to bookmarks
March 22, 2023, 12:57 p.m. |

Center for Internet Security - Multi-State Information Sharing and Analysis Center www.cisecurity.org

Multiple vulnerabilities have been discovered in FortiWeb, which could allow for Arbitrary Code Execution. FortiWeb is a web application firewall (WAF). Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

accounts application change code code execution data delete firewall fortiweb install privileges rights system vulnerabilities waf web web application web application firewall

Visit resource

More from www.cisecurity.org / Center for Internet Security - Multi-State Information Sharing and Analysis Center

Oracle Quarterly Critical Patches Issued April 16, 2024 1 day, 12 hours ago | www.cisecurity.org
april code code execution critical +7
Multiple Vulnerabilities in Ivanti Avalanche Could Allow for Remote Code Execution 1 day, 15 hours ago | www.cisecurity.org
authentication avalanche code code execution +23
Multiple Vulnerabilities in Google Chrome Could Allow for Remote Code Execution 1 day, 20 hours ago | www.cisecurity.org
attacker chrome code code execution +9
Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution 2 days, 16 hours ago | www.cisecurity.org
access arbitrary code arbitrary code execution browser +17
A Vulnerability in PAN-OS Could Allow for Arbitrary Code Execution 6 days, 15 hours ago | www.cisecurity.org
alto arbitrary code arbitrary code execution code +16
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution 1 week, 1 day ago | www.cisecurity.org
arbitrary code arbitrary code execution attacker chrome +9
Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution 1 week, 2 days ago | www.cisecurity.org
adobe adobe after effects adobe commerce after effects +14
Critical Patches Issued for Microsoft Products, April 09, 2024 1 week, 2 days ago | www.cisecurity.org
accounts april attacker change +14
A Vulnerability in Broadcom Brocade Fabric OS Could Allow for Arbitrary Code Execution 1 week, 6 days ago | www.cisecurity.org
arbitrary code arbitrary code execution area broadcom +12

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Dir-Information Security - Cyber Analytics

@ Marriott International | Bethesda, MD, United States
View on infosec-jobs.com

Security Engineer - Security Operations

@ TravelPerk | Barcelona, Barcelona, Spain
View on infosec-jobs.com

Information Security Mgmt- Risk Assessor

@ JPMorgan Chase & Co. | Bengaluru, Karnataka, India
View on infosec-jobs.com

SAP CO Consultant

@ Atos | Istanbul, TR
View on infosec-jobs.com
View more jobs