HTTP: Fortinet FortiNAC Unauthenticated Remote Code Execution

This signature detects attempts to exploit a known vulnerability against Fortinet FortiNAC. A successful attack can lead to arbitrary code execution.

Extended Description

An external control of file name or path vulnerability in Fortinet FortiNAC versions 9.4.0, 9.2.0 through 9.2.5, 9.1.0 through 9.1.7, 8.8.0 through 8.8.11, 8.7.0 through 8.7.6, 8.6.0 through 8.6.5, 8.5.0 through 8.5.4, and 8.3.7 may allow an unauthenticated attacker to execute unauthorized code or commands via a specifically crafted HTTP request.

Affected Products

Fortinet fortinac

Short Name
HTTP:CTS:FORTINET-NAC-UNAUTH-CE
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2022-39952 Code Execution FortiNAC Fortinet Remote Unauthenticated
Release Date
02/23/2023
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3575
False Positive
Unknown
Vendors

Fortinet
