CVE-2016-4967

Fortinet FortiWan (formerly AscernLink) before 4.2.5 allows remote authenticated users to obtain sensitive information from (1) a backup of the device configuration via script/cfg_show.php or (2) PCAP files via script/system/tcpdump.php.

Date published : 2016-09-21

http://www.securityfocus.com/bid/92779

https://www.kb.cert.org/vuls/id/724487