CVE-2022-40684

CVSS 9.8 CRITICAL | EPSS 100.0% | KEV | CWE-287

In summary

A flaw in FortiOS, FortiProxy and FortiSwitchManager lets attackers reach the administrative interface without logging in, using specially crafted HTTP/HTTPS requests. It is critical because it grants full administrator access to the system.

Technical detail

Authentication vulnerability in Fortinet products (FortiOS 7.0.0–7.0.6, 7.2.0–7.2.1; FortiProxy 7.0.0–7.0.6, 7.2.0; FortiSwitchManager 7.0.0, 7.2.0) that allows authentication bypass (CWE-287). Unauthenticated attackers can reach the administrative interface remotely through malformed HTTP/HTTPS requests, obtaining administrator privileges with no preconditions.

Summary generated and translated by AI from the official description.

An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy version 7.2.0 and version 7.0.0 through 7.0.6 and FortiSwitchManager version 7.2.0 and 7.0.0 allows an unauthenticated attacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:U/RC:C
Public PoCs found: 33
⚠ Public resources, for assessing the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know whether your infrastructure is exposed to this?

Talk to TrueHacking →