CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 2CVE-2008-7161 – Fortinet Fortigate - CRLF Characters URL Filtering Bypass
https://notcve.org/view.php?id=CVE-2008-7161
Fortinet FortiGuard Fortinet FortiGate-1000 3.00 build 040075,070111 allows remote attackers to bypass URL filtering via fragmented GET or POST requests that use HTTP/1.0 without the Host header. NOTE: this issue might be related to CVE-2005-3058. Fortinet FortiGuard Fortinet FortiGate-1000 v3.00 build 040075,070111 permite a atacantes remotos evitar el filtrado URL a través de una petición GET o POST fragmentada que utiliza HTTP/1.0 sin la cabecera Host. Nota: este caso podría estar relacionado con CVE-2005-3058. • https://www.exploit-db.com/exploits/31026 http://www.securityfocus.com/archive/1/485794/100/200/threaded http://www.securityfocus.com/archive/1/485813/100/200/threaded http://www.securityfocus.com/bid/27276 https://exchange.xforce.ibmcloud.com/vulnerabilities/39684 • CWE-264: Permissions, Privileges, and Access Controls •