CVE-2021-3378

CRITICAL NUCLEI

FortiLogger < 5.2.0 - Arbitrary File Upload via Hotspot Logo Upload

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2021-3378. PoCs published by Berkan Er, erberkan, Berkan Er <[email protected]>, including Metasploit module exploits/windows/http/fortilogger_arbitrary_fileupload. A Nuclei detection template is also available.

AI-analyzed exploit summary This Metasploit module exploits an unauthenticated arbitrary file upload vulnerability in FortiLogger via a maliciously crafted POST request. It uploads an ASP payload disguised as an image file and executes it to achieve remote code execution.

Description

FortiLogger 4.4.2.2 is affected by Arbitrary File Upload by sending a "Content-Type: image/png" header to Config/SaveUploadedHotspotLogoFile and then visiting Assets/temp/hotspot/img/logohotspot.asp.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Berkan Er · rubywebappsmultiple
https://www.exploit-db.com/exploits/49600

This Metasploit module exploits an unauthenticated arbitrary file upload vulnerability in FortiLogger via a maliciously crafted POST request. It uploads an ASP payload disguised as an image file and executes it to achieve remote code execution.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: FortiLogger 4.4.2.2
No auth needed
Prerequisites: Network access to the target on port 5000 · Target running FortiLogger 4.4.2.2
devstral-2 · analyzed Feb 18, 2026 Full analysis →
nomisec WORKING POC 22 stars
by erberkan · poc
https://github.com/erberkan/fortilogger_arbitrary_fileupload

This repository contains a functional Metasploit module that exploits an unauthenticated arbitrary file upload vulnerability in FortiLogger 4.4.2.2. The exploit uploads a malicious ASP file via a multipart POST request and executes it to achieve remote code execution.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: FortiLogger 4.4.2.2
No auth needed
Prerequisites: Network access to the target · FortiLogger 4.4.2.2 running on Windows
devstral-2 · analyzed Feb 18, 2026 Full analysis →
metasploit WORKING POC NORMAL
by Berkan Er <[email protected]> · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/fortilogger_arbitrary_fileupload.rb

This Metasploit module exploits an unauthenticated arbitrary file upload vulnerability in FortiLogger versions < 5.2.0. It uploads a malicious ASP file disguised as an image, then executes it to achieve remote code execution.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: FortiLogger < 5.2.0
No auth needed
Prerequisites: Network access to target · Target running vulnerable FortiLogger version
devstral-2 · analyzed Feb 16, 2026 Full analysis →

Nuclei Templates (1)

FortiLogger 4.4.2.2 - Arbitrary File Upload
CRITICALby dwisiswant0

References (3)

Core 3
Core References
Exploit, Third Party Advisory x_refsource_misc
https://github.com/erberkan/fortilogger_arbitrary_fileupload
Exploit, Third Party Advisory, VDB Entry x_refsource_misc
http://packetstormsecurity.com/files/161601/FortiLogger-4.4.2.2-Arbitrary-File-Upload.html
Exploit, Third Party Advisory, VDB Entry x_refsource_misc
http://packetstormsecurity.com/files/161974/FortiLogger-Arbitrary-File-Upload.html

Scores

CVSS v3 9.8
EPSS 0.9358
EPSS Percentile 99.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-434
Status published
Products (1)
fortilogger/fortilogger < 5.2.0
Published Feb 01, 2021
Tracked Since Feb 18, 2026