CVE-2024-2389: Command Injection Vulnerability In Progress Flowmon
David Yesland
April 23, 2024
After our initial research into other Progress products we decided to take a look at another Progress product, Flowmon. This led to the discovery of an unauthenticated command injection vulnerability, which when coupled with a privilege…
CVE-2022-26113: FortiClient Arbitrary File Write As SYSTEM
David Yesland
Forticlient is Fortinet’s basic VPN client which offers SSL VPN and IPSecVPN VPN connectivity. It also contains utility features which allow importing and exporting of VPN configurations and profiles…