
Researcher to Release FortiWeb Exploit Allowing Full Authentication Bypass

johny899


Hackers can expect to get a new toy soon

Here's the curveball: a security researcher said they'll release an exploit that ruins FortiWeb's login system completely. That is, attackers won't need a username, password, or even two-factor authentication; they'll just walk in. Kind of like finding your front door key opens your neighbor's house as well.

FortiWeb in plain terms

If you’re not familiar, FortiWeb is Fortinet’s web app firewall (WAF). Companies use it to block attacks like SQL injection and XSS before they reach apps. It’s supposed to be the shield that keeps hackers away.

But if this exploit works, the shield won’t matter. It’s like having a strong lock on your door but leaving the window wide open.

Why this exploit is dangerous

An authentication bypass is bad enough on its own, and here the system basically allows anyone in without logging in properly. Consider what an attacker could do once inside:

  • Read or steal sensitive files
  • Change configurations and introduce new weaknesses
  • Install malware for later exploitation
  • Use the system as a stepping stone to attack other networks

Ever asked yourself how much trust we have in these security devices? This means that even the devices meant to protect us are the weakness.

Public release: savvy or risky?

The most contentious issue here is responsible disclosure. The researcher says that they will publish the exploit code publicly. On the one hand, it forces Fortinet to patch straight away. On the other, it also gives attackers a ready-made weapon.

I've seen this before—sometimes there are patches within a day or two, but sometimes vendors wait. And during that time frame, attackers wreak havoc. Who do you think wins the majority of the time: defenders or hackers?

What admins can do right away

If I were running FortiWeb in production, I'd already be planning ahead on emergency responses. Some smart things to do are:

  • Check Fortinet advisories daily until a patch comes out
  • Limit access to FortiWeb UI (block public access where feasible)
  • Add further monitoring of suspicious login activity
  • Keep backup copies offline in case of disaster

These steps will not fix the bug, but they may slow things down.

Conclusion

The fact that an auth bypass exploit for FortiWeb will be published by a researcher is exciting and frightening. Exciting to security researchers who'd like to study it, frightening to admins who'll be patching on the fly.
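
The monitoring and access-restriction steps listed under "What admins can do right away", sketched as an added example that is not part of the original post and not Fortinet tooling. The key=value log layout, the field names, and the management subnet are constructed assumptions, not FortiWeb's actual log format; the point is the rule itself: an authentication bypass shows up as admin activity that no successful login explains.

```python
import ipaddress
import re

# Assumption: the only network that should ever reach the admin UI (constructed value).
MGMT_NETS = [ipaddress.ip_network("10.20.0.0/24")]

# Constructed sample events in a generic key=value layout (not real device output).
SAMPLE_LOG = """\
time=09:00:01 action=login status=success user=admin src=10.20.0.15
time=09:02:10 action=config-change user=admin src=10.20.0.15
time=09:40:33 action=config-change user=admin src=203.0.113.77
time=09:41:02 action=login status=failed user=admin src=198.51.100.9
time=09:41:30 action=add-admin user=admin src=10.20.0.99
"""

KV = re.compile(r"(\w+)=(\S+)")

def in_mgmt(src):
    """True if src parses as an IP inside an allowed management network."""
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return False  # missing or malformed source is treated as untrusted
    return any(addr in net for net in MGMT_NETS)

def find_suspicious(log_text):
    """Return (time, reason) pairs for admin-plane events that need review."""
    sessions = set()  # (user, src) pairs with a successful login seen so far
    alerts = []
    for line in log_text.splitlines():
        ev = dict(KV.findall(line))
        if not ev:
            continue
        key = (ev.get("user"), ev.get("src"))
        outside = not in_mgmt(ev.get("src", ""))
        if ev.get("action") == "login":
            if ev.get("status") == "success":
                sessions.add(key)
            if outside:  # the UI is reachable from where it should not be
                alerts.append((ev.get("time"), "login attempt from outside management network"))
        elif key not in sessions:  # the signature of a bypass: action without a login
            alerts.append((ev.get("time"), "admin action with no preceding successful login"))
        elif outside:
            alerts.append((ev.get("time"), "admin action from outside management network"))
    return alerts

if __name__ == "__main__":
    for when, reason in find_suspicious(SAMPLE_LOG):
        print(when, reason)
```

Sessions here never expire and are keyed on user and source address only, so a production rule would also bound the time between login and action.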