Critical RCE Flaw Discovered in Fortinet FortiGate Firewalls - Patch Now! (thehackernews.com)

submitted 1 year ago by [email protected] to c/[email protected]

2 comments fedilink hide all child comments

Fortigate published a patch for CVE-2023-27997, a Remote Code Execution vulnerability reachable pre-authentication, on every SSL VPN appliance.

you are viewing a single comment's thread
view the rest of the comments

[-] [email protected] 1 points 1 year ago

I bought a fortunate 60e a few months ago to play around with. After setting up some vlans, subnets, and firewall rules I am considering just selling it. Without a license you don't even get security updates. So at this point opnsense might be my next firewall to learn on. I was just trying to my hands on what is actually being used by companies.

It would be cool to see companies start offering homelab licenses for people to play around with and get experience before buying into a whole ecosystem.

[-] [email protected] 1 points 1 year ago* (last edited 1 year ago)

It would be cool to see companies start offering homelab licenses for people to play around with and get experience before buying into a whole ecosystem.

Like you said, I think companies should be prohibited from locking security updated behind a license paywall. Features are one thing, and while I would also like free homelab licenses, I understand why companies don't offer them, especially for products like enterprise firewalls, routers, and switches. A company shouldn't require you to pay more money to secure something they shipped with a vulnerability. Honestly this kind of shit should take precedence over the squabbling about USB-C, App Store monopolies, or whatever other flavor of the month issue the EU or the US is lambasting tech companies for.

this post was submitted on 12 Jun 2023

11 points (92.3% liked)

Cybersecurity

5404 readers

144 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities [email protected] [email protected] [email protected] [email protected] [email protected] [email protected] [email protected]

Notable mention to [email protected]

founded 1 year ago

MODERATORS

[email protected]