Security for everyone

CVE-2017-14186 Scanner

Detects 'Cross-Site Scripting (XSS)' vulnerability in Fortinet FortiOS affects v. 6.0.0 to 6.0.4, 5.6.0 to 5.6.7, 5.4 and below.


Short Info




Single Scan

Can be used by

Asset Owner

Estimated Time

10 sec

Scan only one


Parent Category

CVE-2017-14186 Scanner Detail

Fortinet FortiOS is a highly reputable security solution designed to secure enterprise-level networks against all sorts of cyber threats. Whether it be network security, application security, or endpoint protection, Fortinet FortiOS is the go-to solution for many organizations around the globe. The software solution is versatile and can be used across different operating systems. It also offers integrated security solutions, making it one of the most comprehensive security software in the market.

The CVE-2017-14186 vulnerability, which was detected in Fortinet FortiOS version 6.0.0 to 6.0.4, 5.6.0 to 5.6.7, 5.4, and previous versions, is a Cross-site Scripting (XSS) vulnerability that is primarily responsible for the leaking of sensitive information and potential data breaches. This vulnerability is caused by an error in the SSL VPN web portal, allowing a remote user to inject arbitrary web script or HTML in the context of the victim's browser via the login redir parameter. An URL Redirection attack may also be feasible by injecting an external URL via the affected parameter.

If the CVE-2017-14186 vulnerability is exploited, sensitive information may be accessed without authorization, such as passwords and login credentials, leading to identity theft, personal data breaches, and loss of critical business data. Businesses may also suffer financial loss as a result of data breaches, reputation damage, and legal liabilities due to violations of data protection laws and regulations.

Thanks to the pro features of the platform, users can receive timely notifications of vulnerabilities in their digital assets. They can also receive actionable insights on how to protect their assets from attacks, including how to patch any vulnerabilities detected. Users can rest assured knowing that their digital assets are always secure from cyber threats with



cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.
Try it yourself,
control security posture