- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
FortiOS 6.2.9 list files in filesystem CVE-2022-42475 FG-IR-22-398
Hi
I have a pair of FortiGate-200E Firewalls in HA mode
v6.2.9,build1234,210601 (GA)
The advisory FG-IR-22-398 recommends checking for the existence of certain files in the filesystem.
/data/lib/libips.bak
/data/lib/libgif.so
/data/lib/libiptcp.so
/data/lib/libipudp.so
/data/lib/libjepg.so
/var/.sslvpnconfigbk
/data/etc/wxd.conf
/flash
The fnsysctl command doesn't appear to be available.
$ fnsysctl ls
Unknown action 0
How do I list files in the filesystem in v6.2.9?
Do I need to enter a privileged mode to use fnsysctl or should I be using another command?
I am new to Fortigates and this has just been dropped in my lap.
Thanks for any assistance.
Solved! Go to Solution.
- Labels:
-
FortiGate
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
- You have to be an admin user with super_admin profile
- You have to give the command folder to list: # fnsysctl ls -l /data/lib
- Command is 'hidden' - tab completion will not work here.
- It has been available for many years, so 6.2 has it for sure as well.
- « Previous
-
- 1
- 2
- Next »
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- You have to be an admin user with super_admin profile
- Paste these commands into CLI and off you go
fnsysctl ls -a /data/lib/libips.bak
fnsysctl ls -a /data/lib/libgif.so
fnsysctl ls -a /data/lib/libiptcp.so
fnsysctl ls -a /data/lib/libipudp.so
fnsysctl ls -a /data/lib/libjepg.so
fnsysctl ls -a /var/.sslvpnconfigbk
fnsysctl ls -a /data/etc/wxd.conf
fnsysctl ls -a /flash
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thank You for answer JoePasc but I already done that and that was not what @dan and I was asking for.
@dan wrote:
I think the same PSIRT also mentiones to search for the logfiles for Logdesc="Application crashed" and msg="[...] application:sslvpnd,[...], Signal 11 received, Backtrace: [...]“
How can this be done easily on the CLI?
And I also asked: What is the path to the logfile to search and the name of the logfile.
The files You @JoePasc talk about are not logfiles. Correct?
Kind Regards \\eda
Created on 12-21-2022 03:14 PM Edited on 12-27-2022 11:09 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
You might've found this already, but there's a post here with what I think is the forticommand that you are looking for. Unfortunately, I couldn't pipe it to fnsysctl grep but EDIT: can pipe it to grep without the fnsysctl) and was able to download my cli session history and search it that way too.
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Critical-vulnerability-Protect-against-hea...
diagnose debug crashlog read
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content

- « Previous
-
- 1
- 2
- Next »