Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
kcheng
Staff
Staff

Created on ‎03-24-2023 01:40 AM Edited on ‎03-24-2023 01:41 AM By Moderator

Article Id 250179

Technical Tip: Discovery of backup file disclosure in FortiOS 7.0.x and 7.2.x by Vulnerability Assessment Tool

Description

This article describes the discovery of Backup File Disclosure vulnerability observed on FortiOS 7.0.x and 7.2.x by Nessus Vulnerability Scanner

(ref: https://www.tenable.com/plugins/nessus/11411).
Scope FortiOS 7.0.x, 7.2.x.
Solution

This has been confirmed to be a false positive response as the FortiOS web server would reply to an invalid path HTTP request with HTTP 404 error:

 

htaccess.png

 

The user can also attempt to download the file by using an external tool such as wget or curl. The tool used will be wget, as an example:

 

> wget.exe -S --no-check-cert https://<FortiGate_IP>/.htaccess

 

wget.png

 

The command above will download the .htaccess file into the folder where this command is run. Unzip the file downloaded and it will be possible to review the content in the unzipped file.

 

Viewing the file will confirm that the file served by FortiGate is just an index.html file compressed with gzip that redirects to the login page via javascript.

 

kcheng_1-1679645508962.png

 

Hence, this has been confirmed to be a false positive discovery on FortiOS 7.0.x and 7.2.x.
3200
0 Kudos
Submit Article Idea
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.​

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2023 Fortinet, Inc. All Rights Reserved.