Fortinet released security fix for the vulnerability — Security ByPass
CVE-2021-22128 — FortiProxy SSL VPN
FortiProxy — a secure web proxy that protects employees against internet-borne attacks by incorporating multiple detection techniques.
Techniques such as web filtering, DNS filtering, data loss prevention, antivirus, intrusion prevention and advanced threat protection.
However, Fortinet PSIRT Team discovered a security bypass vulnerability was found in Fortinet FortiProxy SSL VPN.
An improper access control vulnerability in FortiProxy SSL VPN portal 2.0.0, 1.2.9 and below versions may allow an authenticated, remote attacker to access internal service such as the ZebOS Shell on the FortiProxy appliance through the Quick Connection functionality.
However, Successful exploitation can enable an attacker to access internal service.
Here the vulnerable FortiProxy version are:
- v1.2.9 and below
- v1.1.6 and below
- v1.0.7 and below
Also, the vulnerability is considered as MEDIUM severity with below base score:
According to Fortinet PSIRT Team, recommended to upgrade FortiProxy to
- versions 2.0.1 or above
- versions 1.2.10 or above.