Dark Reading

Zero-Day Flaw Found in Fortinet's FortiWeb WAF Technology

Researchers at Rapid7 today disclosed a critical zero-day vulnerability in Fortinet's FortiWeb Web application firewall (WAF) technology that attackers can exploit to gain complete control of affected ...
Threat Post

Unpatched Fortinet Bug Allows Firewall Takeovers

The OS command-injection bug, in the web application firewall (WAF) platform known as FortiWeb, will get a patch this week. An unpatched OS command-injection security vulnerability has been disclosed ...