FortiOS – IP address validation mishandles zero characters

Fortiguard Security Advisory

An incorrect parsing of numbers with different radices vulnerability [CWE-1389] in FortiOS and FortiProxy IP address validation feature may permit an unauthenticated attacker to bypass the IP blocklist via crafted requests.


Leave a Reply

Your email address will not be published. Required fields are marked *