Fortinet and Next.js Address Critical Security Vulnerabilities
/ 1 min read
🔒🛠️ Fortinet and Next.js address critical security vulnerabilities. Fortinet has patched a severe vulnerability, CVE-2023-34990, in its FortiWLM product, which allows unauthenticated attackers to access sensitive files, posing significant risks to system security. This flaw, discovered by researcher Zach Hanley, highlights the importance of timely remediation, as Fortinet took 19 months to issue a fix after the initial disclosure. Additionally, Next.js has resolved an authorization bypass vulnerability (CVE-2024-51479) that could expose sensitive data in applications, affecting versions 9.5.5 through 14.2.14. Developers are urged to update to version 14.2.15 or later to mitigate these risks. Both incidents underscore the ongoing challenges in maintaining security within digital ecosystems.
