CVE-2022-39952

CVE Database · CVE-2022-39952

CVE-2022-39952

· CRITICALModified

CVSS v3.1

9.8

EPSS

99.81%

Published

Feb 16, 2023

Modified

Nov 21, 2024

Public PoC / Exploit (2)

All weaponized →

NucleiNuclei detection template TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A external control of file name or path in Fortinet FortiNAC versions 9.4.0, 9.2.0 through 9.2.5, 9.1.0 through 9.1.7, 8.8.0 through 8.8.11, 8.7.0 through 8.7.6, 8.6.0 through 8.6.5, 8.5.0 through 8.5.4, 8.3.7 may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP request.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-73CWE-668

Affected Products (4)

fortinet · fortinacvulnerable

fortinet · fortinac (up to 9.1.8)vulnerable

fortinet · fortinac (up to 9.2.6)vulnerable

fortinet · fortinac (up to 9.4.1)vulnerable

References (2)

https://fortiguard.com/psirt/FG-IR-22-300

Vendor Advisory

https://fortiguard.com/psirt/FG-IR-22-300

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs