Fortinet · Fortigate · CVE-2005-3057
**Name of the Vulnerable Software and Affected Versions**
FortiGate versions prior to 3.0 MR1
**Description**
The issue allows remote attackers to bypass the Fortinet FTP anti-virus engine. This can be achieved by sending a STOR command and uploading a file before the FTP server response has been sent. An example of this exploit has been demonstrated using LFTP.
**Recommendations**
For versions prior to 3.0 MR1, update to version 3.0 MR1 or later to resolve the issue. As a temporary workaround, consider restricting access to the FTP component until a patch is available. Avoid using the FTP component for uploading files until the issue is resolved.