The vulnerability exists due to a flaw in the validation checks in the HTTP requests used to authenticate API callers. By supplying a handcrafted HTTP_CGIINFO /../ The post FortiWeb Authentication Bypass Vulnerability Exploited in the Wild appeared first on Truesec .