Horizon3’s Attack Team has released a PoC exploit for CVE-2022-39952, a critical vulnerability affecting FortiNAC, Fortinet’s network access control solution. “Similar to the weaponization of previous archive vulnerability issues that allow arbitrary file write, we use this vulnerability to write a cron job to /etc/cron.d/payload. This cron job gets triggered every minute and initiates a reverse shell to the attacker,” shared Zach Hanley, Chief Attack Engineer at Horizon3. “We first create a zip that contains … More
The post PoC exploit, IoCs for Fortinet FortiNAC RCE released (CVE-2022-39952) appeared first on Help Net Security.