FortiOS - Host header injection vulnerability
Fortinet PSIRT Advisories
Fortinet PSIRT Contact:
Website: https://fortiguard.fortinet.com/faq/psirt-contact
FG-IR-19-301
Status: Final
Version: 1
Published: 2021-09-07
An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiOS may allow a remote unauthenticated attacker to either redirect users to malicious websites via a crafted "Host" header or to execute JavaScript code in the victim's browser context. This happens when the FortiGate has web filtering and category override enabled/configured.
Execute unauthorized code or commands
FortiOS version 6.4.1 and below. FortiOS version 6.2.9 and below.
Please upgrade to FortiOS version 6.4.2 or above. Please upgrade to FortiOS version 6.2.10 or above.
Fortinet is pleased to thank Justin McCarthy for reporting this issue under responsible disclosure.
FortiOS 6.4.1
FortiOS 6.4.0
FortiOS 6.2.9
FortiOS 6.2.8
FortiOS 6.2.7
FortiOS 6.2.6
FortiOS 6.2.5
FortiOS 6.2.4
FortiOS 6.2.3
FortiOS 6.2.2
FortiOS 6.2.1
FortiOS 6.2.0
FortiOS - Host header injection vulnerability
CVE-2019-16151
4.7
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N/E:X/RL:X/RC:X
https://fortiguard.fortinet.com/psirt/FG-IR-19-301