Launchpad.net

CVE 2016-4966

The diagnosis_control.php page in Fortinet FortiWan (formerly AscernLink) before 4.2.5 allows remote authenticated users to download PCAP files via vectors related to the UserName GET parameter.

See the CVE page on Mitre.org for more details.

References