Will Dormann on Nostr: I now present to you the entire difference between the Fortinet FortiSIEM exploit for ...
I now present to you the entire difference between the Fortinet FortiSIEM exploit for CVE-2023-34992 and CVE-2024-23108, which Fortinet published 118 days later.
The injection-causing semicolon is moved from one argument to another. 🤦♂️
Published at
2024-05-28 13:28:31Event JSON
{
"id": "ffa8db2f2898ef46a11e0ac948a88b6b7b5e76336b9c37158a142b89486a9dec",
"pubkey": "9c7b9756690880e06dd0ac4246c1d27e99c2f9d8beb819e2e3156dc3e2d8d3e6",
"created_at": 1716902911,
"kind": 1,
"tags": [
[
"proxy",
"https://infosec.exchange/users/wdormann/statuses/112518949191818024",
"activitypub"
]
],
"content": "I now present to you the entire difference between the Fortinet FortiSIEM exploit for CVE-2023-34992 and CVE-2024-23108, which Fortinet published 118 days later.\nThe injection-causing semicolon is moved from one argument to another. 🤦♂️\n\nhttps://media.infosec.exchange/infosec.exchange/media_attachments/files/112/518/929/548/964/996/original/bcd2f78c219d14b6.png",
"sig": "528da1e1f509f393ddbaf05fdbef51b9ae8e37a2db3447983ad47b09a83cc37d580cd45d14294f798ccce212ff4566784dddc5f42b0bdfbcd6c23d693c6a4a53"
}
