skip to content
Decrypt LOL

Get Cyber-Smart in Just 5 Minutes a Week

Decrypt delivers quick and insightful updates on cybersecurity. No spam, no data sharing—just the info you need to stay secure.

Read the latest edition

Fortinet and Next.js Address Critical Security Vulnerabilities

/ 1 min read

🔒🛠️ Fortinet and Next.js address critical security vulnerabilities. Fortinet has patched a severe vulnerability, CVE-2023-34990, in its FortiWLM product, which allows unauthenticated attackers to access sensitive files, posing significant risks to system security. This flaw, discovered by researcher Zach Hanley, highlights the importance of timely remediation, as Fortinet took 19 months to issue a fix after the initial disclosure. Additionally, Next.js has resolved an authorization bypass vulnerability (CVE-2024-51479) that could expose sensitive data in applications, affecting versions 9.5.5 through 14.2.14. Developers are urged to update to version 14.2.15 or later to mitigate these risks. Both incidents underscore the ongoing challenges in maintaining security within digital ecosystems.

Source
{entry.data.source.title}
Original