CVE-2018-13382

CRITICAL KEV RANSOMWARE

Fortinet Fortiproxy < 1.2.9 - Incorrect Authorization

Title source: rule

Description

An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.8 and 5.4.1 to 5.4.10, and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6 and 1.0.0 to 1.0.7, in the SSL VPN web portal allows an unauthenticated attacker to modify the password of an SSL VPN web portal user via specially crafted HTTP requests.
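The version ranges in the description are the practical triage input for this CVE, so the following added example (not code from the page, from Fortinet, or from any of the PoC repositories listed below) turns them into an affected-version check. It encodes only the inclusive ranges stated in the description; the function names, the build-suffix handling and the sample inputs are assumptions of this example. Note that the Products list further down gives FortiOS 5.4.1 - 5.4.11 while the description stops at 5.4.10; the code below follows the description.

```python
"""Affected-version check for CVE-2018-13382.

Added example, not from the page or the vendor. Ranges are copied from the
CVE description (inclusive on both ends); a version outside every range is
reported as not affected, which is NOT the same as a vendor statement that
it is fixed.
"""

# (low, high) inclusive ranges per product, as listed in the CVE description.
AFFECTED_RANGES = {
    "fortios": [
        ("6.0.0", "6.0.4"),
        ("5.6.0", "5.6.8"),
        ("5.4.1", "5.4.10"),
    ],
    "fortiproxy": [
        ("2.0.0", "2.0.0"),   # a single version, not a range
        ("1.2.0", "1.2.8"),
        ("1.1.0", "1.1.6"),
        ("1.0.0", "1.0.7"),
    ],
}


def parse_version(text: str) -> tuple[int, int, int]:
    """Normalise a version string to a 3-tuple of ints.

    Tolerates a leading 'v', a trailing ',build...' or '-...' suffix (an
    assumed banner format, e.g. '6.0.4,build0231'), and short versions
    such as '6.0', which are padded with zeros. Raises ValueError on
    anything that is not dot-separated integers.
    """
    core = text.strip().lstrip("vV").split(",")[0].split("-")[0]
    parts = [int(p) for p in core.split(".") if p != ""]
    if not parts or len(parts) > 3:
        raise ValueError(f"unrecognised version string: {text!r}")
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts)  # type: ignore[return-value]


def is_affected(product: str, version: str) -> bool:
    """Return True if (product, version) falls inside an affected range.

    Comparison is done on integer tuples so that 6.0.10 sorts after 6.0.4
    (a plain string comparison would get this wrong). Unknown products
    raise KeyError rather than silently returning False.
    """
    v = parse_version(version)
    ranges = AFFECTED_RANGES[product.strip().lower()]
    return any(parse_version(lo) <= v <= parse_version(hi) for lo, hi in ranges)


def triage(inventory: list[tuple[str, str, str]]) -> list[tuple[str, str, str, bool]]:
    """Apply is_affected() to an inventory of (hostname, product, version)."""
    return [(host, prod, ver, is_affected(prod, ver)) for host, prod, ver in inventory]


if __name__ == "__main__":
    # Constructed sample inventory; hostnames and versions are made up.
    sample = [
        ("vpn-edge-1", "FortiOS", "6.0.4,build0231"),
        ("vpn-edge-2", "FortiOS", "6.0.5"),
        ("proxy-1", "FortiProxy", "1.2.8"),
        ("proxy-2", "FortiProxy", "1.2.9"),
    ]
    for host, prod, ver, hit in triage(sample):
        print(f"{host:12} {prod:10} {ver:18} {'AFFECTED' if hit else 'not in affected ranges'}")
```

A version outside all listed ranges only means it is not named in the advisory text; confirm the fixed build against the vendor PSIRT entry before closing a finding, and treat any exposed SSL VPN portal on an affected build as already compromised given the KEV and ransomware flags on this page.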

Exploits (4)

exploitdb WORKING POC
by Ricardo Longatto · python · webapps · hardware
https://www.exploit-db.com/exploits/49074
nomisec WORKING POC 147 stars
by milo2012 · remote
https://github.com/milo2012/CVE-2018-13382
nomisec WORKING POC 1 star
by tumikoto · remote
https://github.com/tumikoto/Exploit-FortinetMagicBackdoor
nomisec WORKING POC
by cojoben · remote
https://github.com/cojoben/CVE-2018-13382

Scores

CVSS v3 9.1
EPSS 0.8531
EPSS Percentile 99.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Details

CISA KEV 2022-01-10
VulnCheck KEV 2019-10-02
InTheWild.io 2019-09-02
ENISA EUVD EUVD-2018-5326
Ransomware Use Confirmed
CWE
CWE-863
Status published
Products (3)
fortinet/fortios 5.4.1 - 5.4.11
fortinet/fortiproxy 2.0.0
fortinet/fortiproxy < 1.2.9
Published Jun 04, 2019
KEV Added Jan 10, 2022
Tracked Since Feb 18, 2026