Fortinet addresses Authentication Bypass in addition to numerous flaws

Threat Level

Vulnerability Report

For a detailed threat advisory, download the pdf file here

Summary

Fortinet addressed security flaws across its products, including a high-severity authentication bypass affecting FortiOS and FortiProxy tracking CVE-2022-35843 in FortiOS’s SSH login component. Only when Radius authentication is utilized can the bug be triggered. A remote attacker can circumvent authentication and get access to the device by delivering a specially designed Access-Challenge response from the Radius server. Other weaknesses allow an authenticated attacker to retrieve files and execute arbitrary code via crafted HTTP requests.