all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Fortinet FortiOS / FortiProxy / FortiSwitchManager Authentication Bypass

Add to bookmarks
Oct. 19, 2022, 2:35 p.m. |

Packet Storm packetstormsecurity.com

This Metasploit module exploits an authentication bypass vulnerability in the Fortinet FortiOS, FortiProxy, and FortiSwitchManager API to gain access to a chosen account and then adds an SSH key to the authorized_keys file of the chosen account, allowing you to login to the system with the chosen account. Successful exploitation results in remote code execution.

authentication authentication bypass bypass fortinet fortios fortiproxy fortiswitchmanager

Visit resource

More from packetstormsecurity.com / Packet Storm

Ubuntu Security Notice USN-6770-1 14 hours ago | packetstormsecurity.com
apache discovery fixes handling +13
Ubuntu Security Notice USN-6769-1 14 hours ago | packetstormsecurity.com
attacker configuration default denial of service +15
Red Hat Security Advisory 2024-2799-03 14 hours ago | packetstormsecurity.com
advisory buffer buffer overflow code +11
Red Hat Security Advisory 2024-2793-03 14 hours ago | packetstormsecurity.com
advisory denial of service enterprise linux +7
Red Hat Security Advisory 2024-2705-03 14 hours ago | packetstormsecurity.com
advisory build quarkus red hat +3
Red Hat Security Advisory 2024-2672-03 14 hours ago | packetstormsecurity.com
advisory bugs code code execution +15
Red Hat Security Advisory 2024-2671-03 14 hours ago | packetstormsecurity.com
advisory bugs build denial of service +10
Red Hat Security Advisory 2024-2669-03 14 hours ago | packetstormsecurity.com
advisory bugs code code execution +13
Red Hat Security Advisory 2024-2668-03 14 hours ago | packetstormsecurity.com
advisory bugs container denial of service +13

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Principal Security Research Manager

@ Microsoft | Redmond, Washington, United States
View on infosec-jobs.com

SOC Manager

@ Inbox Business Technologies | Islamabad, Islamabad Capital Territory, Pakistan
View on infosec-jobs.com

Cybersecurity Incident Response Program Manager (Hybrid)

@ UMB Bank | MO - Kansas City - 1010 Grand Blvd
View on infosec-jobs.com

Consultant, Cyber Risk Advisory | Remote US

@ Coalfire | United States
View on infosec-jobs.com

Cybersecurity Bid Manager

@ Alstom | Derby, GB
View on infosec-jobs.com

Cyberspace Analyst

@ Peraton | Fort Meade, MD, United States
View on infosec-jobs.com
View more jobs