Web: https://packetstormsecurity.com/files/171351/fortinac_keyupload_file_write.rb.txt

March 15, 2023, 2:45 p.m.

Packet Storm packetstormsecurity.com

This Metasploit module uploads a payload to the /tmp directory and a cron job to /etc/cron.d, which executes the payload in the context of the root user. The core vulnerability is an arbitrary file write issue in /configWizard/keyUpload.jsp, which is accessible remotely and without authentication. When the vulnerable endpoint is sent a ZIP file, it extracts an attacker-controlled file to a directory of the attacker's choice on the target system. This issue is exploitable on FortiNAC …

fortinac fortinet
