Alert GCSA-25002 - Vulnerabilita' multiple nei prodotti Fortinet

****************************************************************** Alert ID: GCSA-25002 Data: 15 Gennaio 2025 Titolo: Vulnerabilita' multiple nei prodotti Fortinet ****************************************************************** :: Descrizione del problema Fortinet ha rilasciato degli aggiornamenti per risolvere varie vulnerabilita' presenti nei suoi prodotti: FG-IR-24-239 Admin Account Persistence after Deletion FG-IR-24-143 Arbitrary file delete on firmware import image feature FG-IR-24-097 Arbitrary file deletion in administrative interface FG-IR-24-152 Arbitrary file write on GUI FG-IR-24-535 Authentication bypass in Node.js websocket module FG-IR-24-222 Command injection in csfd daemon FG-IR-24-326 Exposure of sensitive information in RADIUS Accounting-Request FG-IR-24-282 File-Filter Bypass in Explicit Web Proxy Policy FG-IR-23-405 FortiAP - Restricted Shell Escape via CLI Command Injection FG-IR-23-260 Hardcoded Session Secret Leading to Unauthenticated Remote Co...