Authenticated Remote File Download Vulnerability in Fortinet FortiWan (formerly AscernLink)

Authenticated Remote File Download Vulnerability in Fortinet FortiWan (formerly AscernLink)

CVE-2016-4966 · MEDIUM Severity

AV:N/AC:L/AU:S/C:N/I:P/A:N

The diagnosis_control.php page in Fortinet FortiWan (formerly AscernLink) before 4.2.5 allows remote authenticated users to download PCAP files via vectors related to the UserName GET parameter.

Learn more about our Cis Benchmark Audit For Fortinet.