coathanger (1)

12378965473?profile=RESIZE_400xFortinet has disclosed a new critical security flaw in FortiOS SSL VPN that it said is likely being exploited in the wild.  The vulnerability, CVE-2024-21762 (CVSS score: 9.6), allows for the execution of arbitrary code and commands.  "An out-of-bounds write vulnerability [CWE-787] in FortiOS may allow a remote unauthenticated attacker to execute arbitrary code or command via specially crafted HTTP requests," the company said in a bulletin released last week.

It further acknowledged that the iss