Skip to content
/ CVE-2022-40684-metasploit-scanner Public

An authentication bypass using an alternate path or channel in Fortinet product

13 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

TaroballzChen/CVE-2022-40684-metasploit-scanner

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
README.md
README.md
 
 
fortinet_product_auth_bypass.py
fortinet_product_auth_bypass.py
 
 
poc.png
poc.png
 
 

Repository files navigation

CVE-2022-40684-metasploit-scanner

An authentication bypass using an alternate path or channel in Fortinet product

preparation POC

git clone https://github.com/TaroballzChen/CVE-2022-40684-metasploit-scanner
cd CVE-2022-40684-metasploit-scanner
mkdir -p ~/.msf4/modules/auxiliary/scanner/http
cp fortinet_product_auth_bypass.py ~/.msf4/modules/auxiliary/scanner/http/
chmod +x ~/.msf4/modules/auxiliary/scanner/http/fortinet_product_auth_bypass.py
msfconsole

POC usage

set rhosts <vuln ip/host>
set rport <vuln port>
set rssl <default: true for https>
set username <default: admin>
exploit

result

poc

reference

About

An authentication bypass using an alternate path or channel in Fortinet product

Resources

Readme
Activity

Stars

13 stars

Watchers

3 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages