PoC exploit, IoCs for Fortinet FortiNAC RCE released (CVE-2022-39952)
Help Net Security www.helpnetsecurity.com
Horizon3’s Attack Team has released a PoC exploit for CVE-2022-39952, a critical vulnerability affecting FortiNAC, Fortinet’s network access control solution. “Similar to the weaponization of previous archive vulnerability issues that allow arbitrary file write, we use this vulnerability to write a cron job to /etc/cron.d/payload. This cron job gets triggered every minute and initiates a reverse shell to the attacker,” shared Zach Hanley, Chief Attack Engineer at Horizon3. “We first create a zip that contains …