Skip to content

Commit

Permalink
Merge pull request #899 from kscdivd/main
Browse files Browse the repository at this point in the history 
Update DIVD-2024-00044.md
  • Loading branch information
@MrSeccubus
MrSeccubus authored Dec 23, 2024
2 parents 6707a9f + 0ddc481 commit 6484f20
Showing 1 changed file with 6 additions and 0 deletions.
6 changes: 6 additions & 0 deletions _cases/2024/DIVD-2024-00044.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,6 +41,12 @@ timeline:
- start: 2024-11-28
end:
event: "DIVD starts scanning the internet for vulnerable instances."
- start: 2024-12-21
end:
event: "DIVD performed a rescan to retrieve the latest vulnerable instances"
- start: 2024-12-21
end:
event: "DIVD starts notifying network owners with a vulnerable instance in their network."
---
## Summary
A missing authentication for critical function vulnerability [CWE-306] in FortiManager fgfmd daemon may allow a remote unauthenticated attacker to execute arbitrary code or commands via specially crafted requests. Reports have shown this vulnerability is exploited in the wild.
Expand Down

0 comments on commit 6484f20

Please sign in to comment.