CVE-2022-39952
Description
A external control of file name or path in Fortinet FortiNAC versions 9.4.0, 9.2.0 through 9.2.5, 9.1.0 through 9.1.7, 8.8.0 through 8.8.11, 8.7.0 through 8.7.6, 8.6.0 through 8.6.5, 8.5.0 through 8.5.4, 8.3.7 may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP request.
Fortinet, Inc.
Severity: CRITICAL
CVE ID: CVE-2022-39952
CVSS Score: 9.8
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Proof Of Concept
Nuclei Templates for CVE-2022-39952
Refrence: Project Discovery GitHub
horizon3ai
POC for CVE-2022-39952
Refrence: GitHub
shiyeshu
Write Behinder_webshell to target using CVE-2022-39952
Refrence: GitHub
Chocapikk
PoC for CVE-2022-39952 affecting Fortinet FortiNAC.
Refrence: GitHub
dkstar11q
PoC for CVE-2022-39952 affecting Fortinet FortiNAC.
Refrence: GitHub
Content on GitHub
hackingyseguridad | watchers:25
nmap
Detectar vulnerabilidades script con nmap
Refrence: GitHub