CVE-2022-40684
CRITICAL KEV RANSOMWARE NUCLEI
Fortinet Fortiproxy < 7.0.7 - Authentication Bypass
Title source: rule
Exploitation Summary
CVE-2022-40684 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added October 11, 2022, with confirmed use in ransomware campaigns.
EIP tracks 32 public exploits from researchers including ub3rsick, Felipe Alcantara, and horizon3ai. Among them is a Metasploit module, exploits/linux/http/fortinet_authentication_bypass_cve_2022_40684.
A Nuclei detection template is also available.
AI-analyzed exploit summary
This Metasploit module exploits an authentication bypass vulnerability (CVE-2022-40684) in Fortinet FortiOS, FortiProxy, and FortiSwitchManager to add an SSH key to a target user's authorized_keys file, enabling remote access. It leverages a flawed API endpoint to bypass authentication and manipulate user configurations.
Description
An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy version 7.2.0 and version 7.0.0 through 7.0.6, and FortiSwitchManager version 7.2.0 and 7.0.0 allows an unauthenticated attacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests.
Exploits (32)
This Metasploit module exploits an authentication bypass vulnerability (CVE-2022-40684) in Fortinet FortiOS, FortiProxy, and FortiSwitchManager to add an SSH key to a target user's authorized_keys file, enabling remote access. It leverages a flawed API endpoint to bypass authentication and manipulate user configurations.
This script exploits an authentication bypass vulnerability in Fortinet products by sending a crafted HTTP request to the API endpoint. It checks for vulnerability by dumping system information and saves the output if successful.
This PoC exploits CVE-2022-40684, an authentication bypass vulnerability in Fortinet FortiOS, FortiProxy, and FortiSwitchManager, to add an SSH key for a specified user. It sends a crafted PUT request to the target API endpoint with a manipulated 'Forwarded' header to bypass authentication.
This PoC exploits an authentication bypass vulnerability in Fortinet FortiOS/FortiProxy via crafted HTTP headers to extract admin user details and LDAP configuration. It performs read-only actions without requiring authentication.
This repository provides information and resources related to CVE-2022-40684, an authentication bypass vulnerability in Fortinet products. It includes a list of affected IPs and references for defensive research purposes.
This repository contains a Bash script PoC for CVE-2022-40684, an authentication bypass vulnerability in Fortinet devices. The script sends a crafted HTTP request to dump system information by exploiting improper header handling.
This PoC exploits CVE-2022-40684, an authentication bypass vulnerability in FortiProxy/FortiOS, by sending a crafted PUT request to add an SSH public key to an arbitrary admin account. The script automates the process for multiple targets and usernames.
This is a Metasploit auxiliary module for scanning and exploiting CVE-2022-40684, an authentication bypass vulnerability in Fortinet products. It attempts to bypass authentication via crafted HTTP headers and retrieves sensitive information such as LDAP configurations and admin user details.
This repository provides a proof-of-concept for CVE-2022-40684, an authentication bypass vulnerability in Fortinet products. It includes HTTP requests to exploit the vulnerability by manipulating headers to bypass authentication and add an SSH public key to an admin user.
This PoC exploits CVE-2022-40684, an authentication bypass vulnerability in FortiGate devices, by uploading an SSH public key to gain unauthorized access. The script supports both single-target and batch exploitation via a list of hosts.
This PoC exploits CVE-2022-40684, an authentication bypass vulnerability in Fortinet FortiOS, FortiProxy, and FortiSwitchManager. It adds an SSH key to a specified user account, allowing remote access without authentication.
This PoC exploits CVE-2022-40684, an authentication bypass vulnerability in Fortinet FortiOS, FortiProxy, and FortiSwitchManager. It enumerates admin usernames and LDAP configurations, then writes an SSH public key to a specified user account for persistent access.
This Rust-based PoC exploits CVE-2022-40684, an authentication bypass vulnerability in Fortinet FortiOS, FortiProxy, and FortiSwitchManager. It sends a crafted HTTP request with specific headers to check for vulnerability by analyzing the response status and content.
This PoC exploits CVE-2022-40684, an authentication bypass vulnerability in FortiOS/FortiProxy/FortiSwitchManager, to enumerate user accounts via an unauthenticated API endpoint. It sends a crafted HTTP request with specific headers to retrieve administrative user details.
This is a Rust-based exploit for CVE-2022-40684, an authentication bypass vulnerability in FortiOS. It uploads an SSH public key to the target system, allowing an attacker to log in as admin via SSH.
This Go-based exploit targets CVE-2022-40684, an authentication bypass vulnerability in Fortinet FortiOS/FortiProxy. It sends a crafted HTTP request with manipulated headers to bypass authentication and retrieve admin user data.
This repository contains a Go-based exploit for CVE-2022-40684, an authentication bypass vulnerability in Fortinet FortiOS, FortiProxy, and FortiSwitchManager. The exploit adds an SSH public key to a specified user account, allowing unauthorized access.
This repository contains a functional exploit for CVE-2022-40684, an authentication bypass vulnerability in Fortinet FortiOS, FortiProxy, and FortiSwitchManager. The exploit adds an SSH key to a specified user account, allowing remote access without authentication.
This repository contains a README describing a script to extract passwords from a specific file format related to CVE-2022-40684, an authentication bypass vulnerability in Fortinet FortiOS. The script processes 'vpn-passwords.txt' files, filtering out banners and extracting passwords.
This PoC exploits CVE-2022-40684, an authentication bypass vulnerability in Fortinet FortiOS, FortiProxy, and FortiSwitchManager. It adds an SSH key to the specified user (default: admin) by sending a crafted HTTP PUT request with a manipulated 'Forwarded' header.
This PowerShell script exploits CVE-2022-40684, an authentication bypass vulnerability in Fortinet FortiOS. It sends a crafted HTTP request to the FortiGate API endpoint to extract admin user details and system information without authentication.
This repository contains a functional Python tool that exploits CVE-2022-40684, an authentication bypass vulnerability in FortiGate/FortiOS devices. The tool can detect vulnerability, enumerate users, and dump configurations via exposed CMDB API endpoints.
This PoC exploits an authentication bypass vulnerability in Fortinet FortiOS/FortiProxy via crafted HTTP headers to extract admin user details and LDAP configuration. It performs read-only actions without requiring authentication.
This repository contains a Python script designed to scan and analyze leaked FortiGate configuration files and VPN credentials, likely obtained via exploitation of CVE-2022-40684. It extracts IPs, emails, versions, and indicators of compromise (IOCs) from the files.
This PoC exploits CVE-2022-40684, an authentication bypass vulnerability in FortiGate devices. It leverages HTTP header manipulation to access sensitive endpoints and leak admin and LDAP configuration data.
This Rust-based PoC exploits CVE-2022-40684, an authentication bypass vulnerability in FortiOS, FortiProxy, and FortiSwitchManager. It adds an SSH public key to a specified user account via an unauthenticated API endpoint, enabling remote access.
This PoC exploits an authentication bypass vulnerability (CVE-2022-40684) in Fortinet FortiOS, FortiProxy, and FortiSwitchManager to add an SSH key for a specified user, allowing unauthorized access.
This is a functional exploit for CVE-2022-40684, an authentication bypass vulnerability in FortiOS, FortiProxy, and FortiSwitchManager. It allows an attacker to add an SSH key to the admin account or enumerate user and LDAP configuration details.
This exploit targets CVE-2022-40684, an authentication bypass vulnerability in Fortinet FortiOS, FortiProxy, and FortiSwitchManager. It adds an SSH public key to a specified user account via an unauthenticated HTTP PUT request, enabling remote access.
This Metasploit module exploits CVE-2022-40684, an authentication bypass in Fortinet FortiOS, FortiProxy, and FortiSwitchManager, to add an SSH key to a target user's authorized_keys file, enabling remote access.
Nuclei Templates (1)
References (4)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H