Description
Multiple cross-site request forgery (CSRF) vulnerabilities in Fortinet FortiOS on FortiGate firewall devices before 4.3.13 and 5.x before 5.0.2 allow remote attackers to hijack the authentication of administrators for requests that modify (1) settings or (2) policies, or (3) restart the device via a rebootme action to system/maintenance/shutdown.
Exploits (1)
References (1)
Core 1
Core References
Exploit exploit
x_refsource_exploit-db
http://www.exploit-db.com/exploits/26528/
Scores
EPSS
0.0045
EPSS Percentile
63.6%
Details
CWE
CWE-352
Status
published
Products (33)
fortinet/fortigate-1000c
fortinet/fortigate-100d
fortinet/fortigate-110c
fortinet/fortigate-1240b
fortinet/fortigate-200b
fortinet/fortigate-20c
fortinet/fortigate-300c
fortinet/fortigate-3040b
fortinet/fortigate-310b
fortinet/fortigate-311b
... and 23 more
Published
Jul 08, 2013
Tracked Since
Feb 18, 2026