CVE-2021-26088
HIGHFortinet Single Sign-On < 6.4.6 - Unauthenticated Authentication Bypass via UDP Login Notification Packets
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2021-26088. PoCs published by theogobinet.
AI-analyzed exploit summary This repository contains a functional PowerShell exploit for CVE-2021-26088, an improper authentication vulnerability in Fortinet FSSO Collector. The exploit forges UDP login notification packets to bypass firewall authentication rules, allowing unauthorized access to protected networks.
Description
An improper authentication vulnerability in FSSO Collector version 5.0.295 and below may allow an unauthenticated user to bypass a FSSO firewall policy and access the protected network via sending specifically crafted UDP login notification packets.
Exploits (1)
This repository contains a functional PowerShell exploit for CVE-2021-26088, an improper authentication vulnerability in Fortinet FSSO Collector. The exploit forges UDP login notification packets to bypass firewall authentication rules, allowing unauthorized access to protected networks.
References (1)
Scores
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L