The FTP component in FortiGate 2.8 running FortiOS 2.8MR10 and v3beta, and other versions prior to 3.0 MR1, allows remote malicious users to bypass the Fortinet FTP anti-virus engine by sending a STOR command and uploading a file before the FTP server response has been sent, as demonstrated using LFTP.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fortinet fortios |
||
fortinet fortigate 2.8 |