CVE-2022-42475

This PoC exploits a heap overflow in Fortinet's SSLVPN daemon (CVE-2022-42475) to achieve remote code execution via a crafted ROP chain. It sends a malicious HTTP POST request with a large payload to trigger the vulnerability and execute a reverse shell.

This is a functional exploit for CVE-2022-42475, a heap-based buffer overflow in Fortinet SSL-VPN. It leverages ROP chains and a connect-back shellcode to achieve remote code execution on vulnerable FortiGate devices.

This PoC exploits CVE-2022-42475, a buffer overflow vulnerability in Fortinet SSL VPN (sslvpnd), to achieve remote code execution (RCE) via a crafted payload sent over SSL. The exploit constructs a ROP chain to execute a reverse shell using Python.

This is a Python-based exploit for CVE-2022-42475, a heap overflow vulnerability in Fortinet's SSL-VPN daemon. It constructs a ROP chain to achieve remote code execution by sending a maliciously crafted POST request to the target.

This repository provides a Rust-based utility to scan Fortinet FortiGate devices for indicators of compromise (IOCs) related to CVE-2022-42475. It uses SSH to execute diagnostic commands and checks for specific files, strings, and IPs associated with the vulnerability.

This PoC exploits a heap overflow in Fortinet's SSLVPN daemon (CVE-2022-42475) to achieve remote code execution via a crafted ROP chain and reverse shell payload. It leverages hardcoded gadgets and a Python-based reverse shell to execute arbitrary commands on the target system.

This repository contains a functional exploit for CVE-2022-42475, a heap-based buffer overflow vulnerability in Fortinet SSL VPN. The exploit leverages an integer overflow in the Content-Length header to achieve remote code execution (RCE) via a crafted HTTP request with a ROP chain and shellcode.

This PoC exploits CVE-2022-42475, a buffer overflow vulnerability in Fortinet FortiOS SSL-VPN, to achieve remote code execution (RCE) via a crafted HTTP POST request. The exploit constructs a ROP chain to execute a reverse shell payload.

This repository contains a functional exploit for CVE-2022-42475, a buffer overflow vulnerability in Fortinet SSL VPN (sslvpnd) that allows unauthenticated remote code execution. The exploit constructs a ROP chain to execute a reverse shell payload via a crafted HTTP POST request.