CVE-2018-13371

Summary

An external control of system vulnerability in FortiOS may allow an authenticated, regular user to change the routing settings of the device via connecting to the ZebOS component.

Affected Software

VendorProductVersion RangeStatus
n/aFortinet FortiOS6.2.0 and below versionsaffected
n/aFortinet FortiOS5.6.7 and belowaffected
n/aFortinet FortiOS5.4.10 and belowaffected

Weaknesses

  • Execute unauthorized code or commands

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References