CyberSecurity updates
2025-01-30 22:06:31 Pacific

Fortinet Firewall Zero-Day Exploitation - 16d

A zero-day vulnerability in Fortinet firewalls is being actively exploited by attackers. The flaw allows attackers to compromise systems with exposed interfaces. There is a mass exploitation campaign against Fortinet firewalls that peaked in December 2024. Fortinet has released a patch (CVE-2024-55591). It is suspected that the attackers may have been exploiting a zero-day vulnerability before the patch was released. Organizations using Fortinet firewalls are strongly advised to apply the patch as soon as possible.

Fortinet Firewall Configs Leaked From Zero Day - 14d

A new hacking group has leaked configuration files and VPN credentials for over 15,000 FortiGate devices. This includes full configuration dumps and VPN passwords, exposing sensitive technical information to other cybercriminals. The affected devices appear to be primarily FortiGate 7.x and 7.2.x devices. The data was likely collected using a zero-day exploit in 2022 but was only released in January 2025.

Next.js Authorization Bypass Exposes Root Pages - 11d

A high-severity authorization bypass vulnerability (CVE-2024-51479) has been discovered in Next.js, a widely used React framework. This flaw allows unauthorized access to certain pages directly under the application’s root directory, bypassing middleware-based authorization checks. The vulnerability affects versions from 9.5.5 up to 14.2.14. It requires immediate patching to version 14.2.15 to mitigate the risk.

Fortinet Flaws Allow Remote Code Execution - 11d

Multiple critical vulnerabilities have been discovered in Fortinet’s products, including FortiWLM and FortiClient EMS. These vulnerabilities, including path traversal and SQL injection flaws, allow attackers to execute arbitrary code and access sensitive data. Exploitation of these vulnerabilities can lead to complete system compromise, highlighting the need for immediate patching and proper vulnerability management.

FortiWLM Path Traversal and Next.js Auth Bypass - 11d

A critical path traversal vulnerability (CVE-2023-34990) has been identified in FortiWLM, allowing unauthenticated attackers to access sensitive files. Additionally, a separate authorization bypass (CVE-2024-51479) has been discovered in Next.js. Both vulnerabilities permit unauthorized actions, including potential code execution. Users are advised to patch their systems immediately to mitigate these serious risks, which have been actively exploited in the wild.