February 21, 2023 at 06:05PM

■■■■■ Fortinet FortiNAC CVE-2022-39952 Deep-Dive, PoC and IOCs.

An external control of file name or path vulnerability [CWE-73] in FortiNAC webserver may allow an unauthenticated attacker to perform arbitrary write on the system.

PoC exploit here.

Usage:
python3 CVE-2022-39952.py –target IP –file payload

https://t.me/cKure/12119