CVE-2022-40684 PoC — Fortinet FortiOS 授权问题漏洞

Source

https://github.com/Filiplain/Fortinet-PoC-Auth-Bypass

Associated Vulnerability

Title:Fortinet FortiOS 授权问题漏洞 (CVE-2022-40684)
Description:Fortinet FortiOS是美国飞塔（Fortinet）公司的一套专用于FortiGate网络安全平台上的安全操作系统。该系统为用户提供防火墙、防病毒、IPSec/SSLVPN、Web内容过滤和反垃圾邮件等多种安全功能。 Fortinet FortiOS存在授权问题漏洞。目前尚无此漏洞的相关信息，请随时关注CNNVD或厂商公告。

Description

Bash PoC for Fortinet Auth Bypass - CVE-2022-40684

Readme

# Fortinet-PoC-Auth-Bypass
Bash Proof of Concept (PoC) for Fortinet Authentication Bypass - CVE-2022-40684

![](https://raw.githubusercontent.com/Filiplain/Fortinet-PoC-Auth-Bypass/main/img.png)

# Usage:

```
 Usage: ./poc.sh <target-IP> <Port>
 Example: ./poc.sh 10.10.10.120 8443
```

Available in Exploit-db:

https://www.exploit-db.com/exploits/51092

File Snapshot


 [4.0K]  /data/pocs/f26d4a8b40e6a7136825eef57a735195ab61c2a3
├── [ 27K]  img.png
├── [1.1K]  poc.sh
└── [ 356]  README.md

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!