Fortinet FortiOS / FortiProxy / FortiSwitchManager Authentication Bypass
This Metasploit module exploits an authentication bypass vulnerability in
the Fortinet FortiOS, FortiProxy, and FortiSwitchManager API to gain
access to a chosen account and then adds an SSH key to the authorized_keys
file of the chosen account, allowing you to login to the system with the
chosen account. Successful exploitation results in remote code execution.
https://packetstormsecurity.com/files/169431/fortinet_authentication_bypass_cve _2022_40684.rb.txt
Wed, 19 Oct 2022 14:35:11 GMT
________________________________
--- The information is for inforamtional purposes only.
* Origin: Read us with
http://winpoint.org JID:
rs@captflint.com