Fortinet Warns Customers of Major RCE Leaks in FortiGate Firewalls – Computers – News

Fortinet warns customers of a serious vulnerability in numerous FortiGate firewalls and FortiProxy web proxies. The company released a patch for the bug, which allows attackers to log into an administrator account remotely.

The bug is tracked as CVE-2022-40684, although no public information has yet been recorded about it. Fortinet is aware of the bug and writes on its site that it has released a patch, but the company itself does not provide public details. The patch was implemented in FortiOS 7.2.2. The official release notes also mention the bug without giving any information. A security researcher, however, has shared details on Twitter.

The hacker known as Gitworm claims that Fortinet is recommending that its customers update FortiOS. The vulnerability is present in all versions of FortiOS from 7.0.0 to 7.0.6 and from 7.2.0 to 7.2.1. FortiProxy, a web proxy tool, is also vulnerable. This affects versions 7.0.0 to 7.0.6 and version 7.2.0.

The bug was rated Critical, with a CVSS score of 9.6. It is an authentication bypass for the administrator environment: attackers can access that environment remotely without authentication. “With the ability to perform this exploit remotely, Fortinet recommends that all customers with vulnerable versions update it immediately,” the company wrote. Attackers can get into a system by making a “specially created http or https request”, which lets them carry out an argument injection. This class of vulnerability is tracked as CWE-88. As far as is known, the bug has not been publicly exploited, and no proof of concept exists.