logo
Vulnerability feed
Contributors
About
Blog
CONTRIBUTE

Vulnerability

warn

CVE-2022-40684

Reference to the description:

https://nvd.nist.gov/vuln/detail/CVE-2022-40684

Description:
An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy version 7.2.0 and version 7.0.0 through 7.0.6 and FortiSwitchManager version 7.2.0 and 7.0.0 allows an unauthenticated atttacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests.
Last updated date:
03/27/2023

Reports

alt

ACTIVELY EXPLOITED

Type:
exploitation
Confidence:
HIGH
Date of publishing:
10/10/2022
Reference url to background

https://www.fortiguard.com/psirt/FG-IR-22-377

Type:
exploitation
Confidence:
HIGH
Date of publishing:
10/11/2022
Reference url to background

https://www.cisa.gov/known-exploited-vulnerabilities-catalog

Type:
exploit
Confidence:
HIGH
Date of publishing:
10/11/2022
Reference url to background

https://github.com/CarlosV1e1ra/CVE-2022-40684-RCE-POC

Type:
exploit
Confidence:
HIGH
Date of publishing:
10/13/2022
Reference url to background

https://github.com/horizon3ai/CVE-2022-40684

Type:
exploit
Confidence:
HIGH
Date of publishing:
10/13/2022
Reference url to background

https://github.com/carlosevieira/CVE-2022-40684

Type:
exploit
Confidence:
HIGH
Date of publishing:
10/13/2022
Reference url to background

https://github.com/Filiplain/Fortinet-PoC-Auth-Bypass

Type:
exploit
Confidence:
HIGH
Date of publishing:
10/13/2022
Reference url to background

https://github.com/kljunowsky/CVE-2022-40684-POC

Type:
exploit
Confidence:
HIGH
Date of publishing:
10/14/2022
Reference url to background

https://github.com/secunnix/CVE-2022-40684

Type:
exploit
Confidence:
HIGH
Date of publishing:
10/14/2022
Reference url to background

https://github.com/Carl0sV1e1ra/CVE-2022-40684

Type:
exploit
Confidence:
HIGH
Date of publishing:
10/15/2022
Reference url to background

https://github.com/Chocapikk/CVE-2022-40684

Type:
exploit
Confidence:
HIGH
Date of publishing:
10/16/2022
Reference url to background

https://github.com/Grapphy/fortipwn

Type:
exploit
Confidence:
HIGH
Date of publishing:
10/18/2022
Reference url to background

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/fortinet_authentication_bypass_cve_2022_40684.rb

Type:
exploit
Confidence:
HIGH
Date of publishing:
10/19/2022
Reference url to background

https://github.com/und3sc0n0c1d0/CVE-2022-40684

Type:
exploit
Confidence:
HIGH
Date of publishing:
10/20/2022
Reference url to background

http://packetstormsecurity.com/files/169431/Fortinet-FortiOS-FortiProxy-FortiSwitchManager-Authentication-Bypass.html

Type:
exploit
Confidence:
HIGH
Date of publishing:
10/26/2022
Reference url to background

https://github.com/qingsiweisan/CVE-2022-40684

Type:
exploit
Confidence:
HIGH
Date of publishing:
10/27/2022
Reference url to background

https://github.com/TaroballzChen/CVE-2022-40684-metasploit-scanner

Type:
exploit
Confidence:
HIGH
Date of publishing:
10/28/2022
Reference url to background

https://github.com/hughink/CVE-2022-40684

Type:
exploit
Confidence:
HIGH
Date of publishing:
02/27/2023
Reference url to background

https://github.com/z-bool/CVE-2022-40684

Vulnerability FeedContributorsAboutBlog

@inTheWild

©2023

Privacy Policy