Vulnerability feed
CONTRIBUTE

Vulnerability

warn

CVE-2022-40684

Reference to the description:

https://nvd.nist.gov/vuln/detail/CVE-2022-40684

Description:
An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy version 7.2.0 and version 7.0.0 through 7.0.6 and FortiSwitchManager version 7.2.0 and 7.0.0 allows an unauthenticated atttacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests.
Last updated date:
10/20/2022

Reports

alt

ACTIVELY EXPLOITED

Type:
exploitation
Confidence:
HIGH
Date of publishing:
10/10/2022
Reference url to background

https://www.fortiguard.com/psirt/FG-IR-22-377

Type:
exploitation
Confidence:
HIGH
Date of publishing:
10/11/2022
Type:
exploit
Confidence:
HIGH
Date of publishing:
10/11/2022
Type:
exploit
Confidence:
HIGH
Date of publishing:
10/13/2022
Type:
exploit
Confidence:
HIGH
Date of publishing:
10/13/2022
Type:
exploit
Confidence:
HIGH
Date of publishing:
10/13/2022
Type:
exploit
Confidence:
HIGH
Date of publishing:
10/13/2022
Type:
exploit
Confidence:
HIGH
Date of publishing:
10/14/2022
Type:
exploit
Confidence:
HIGH
Date of publishing:
10/14/2022
Type:
exploit
Confidence:
HIGH
Date of publishing:
10/15/2022
Type:
exploit
Confidence:
HIGH
Date of publishing:
10/16/2022
Reference url to background

https://github.com/Grapphy/fortipwn

Type:
exploit
Confidence:
HIGH
Date of publishing:
10/19/2022
Type:
exploit
Confidence:
HIGH
Date of publishing:
10/20/2022
Type:
exploit
Confidence:
HIGH
Date of publishing:
10/26/2022
Type:
exploit
Confidence:
HIGH
Date of publishing:
10/27/2022
Vulnerability FeedContributorsAboutBlog

@inTheWild

©2022

Privacy Policy