Vulnerability detail

Tenable Blog · May 14, 2025

Fortinet has observed threat actors exploiting CVE-2025-32756, a critical zero-day arbitrary code execution vulnerability which affects multiple Fortinet products including FortiVoice, FortiMail, FortiNDR, FortiRecorder and FortiCamera.BackgroundOn May 13th, Fortinet published a security advisory (FG-IR-25-254) for CVE-2025-32756, a critical arbitrary code execution vulnerability affecting multiple Fortinet products.CVEDescriptionCVSSv3CVE-2025-32756An arbitrary code execution vulnerability in FortiVoice, FortiMail, FortiNDR, FortiRecorder and FortiCamera9.6AnalysisCVE-2025-32756 is an arbitrary code execution vulnerability affecting multiple Fortinet products including FortiVoice, FortiMail, FortiNDR, FortiRecorder and FortiCamera. A remote unauthenticated attacker can send crafted HTTP requests in order to create a stack-based overflow condition which would allow for the execution of arbitrary code. This vulnerability was discovered by the Fortinet Product Security Team who observed threat activity involving a device running FortiVoice.According to Fortinet, the threat actors operations included scanning the network, erasing system crashlogs and enabling ‘fcgi debugging’ which is used to log authentication attempts, including SSH logins. The ‘fcgi debugging’ option is not enabled by default and the Fortinet advisory recommends reviewing the setting as one possible indicator of compromise (IoC).Historical Exploitation of Fortinet DevicesFortinet vulnerabilities have historically been common targets for cyber attackers, and CVE-2025-32756 is the eighteenth Fortinet vulnerability to be added to the Cybersecurity and Infrastructure Security Agency’s (CISA) Known Exploited Vulnerabilities (KEV) list.CVEDescriptionPatchedTenable BlogCVE-2024-55591Fortinet Authentication Bypass in FortiOS and FortiProxyJanuary 2025CVE-2024-55591: Fortinet Authentication Bypass Zero-Day Vulnerability Exploited in the WildCVE-2024-21762Fortinet FortiOS Out-of-bound Write Vulnerability...

metasploit · Created Unknown

Metasploit module for CVE-2022-40684

github · Created 2023-02-27 18:05:34 UTC · 5 stars

一键枚举所有用户名以及写入SSH公钥

github · Created 2022-10-28 03:46:00 UTC · 10 stars

github · Created 2022-10-27 15:11:27 UTC · 14 stars

An authentication bypass using an alternate path or channel in Fortinet product

github · Created 2022-10-26 01:48:14 UTC · 10 stars

github · Created 2022-10-19 22:07:24 UTC · 4 stars

Utilities for exploiting vulnerability CVE-2022-40684 (FortiOS / FortiProxy / FortiSwitchManager - Authentication bypass on administrative interface).

github · Created 2022-10-17 09:22:57 UTC · 2 stars

github · Created 2022-10-15 19:43:48 UTC · 2 stars

Fortinet Critical Authentication Bypass Vulnerability (CVE-2022-40684) [ Mass Exploit ]

github · Created 2022-10-15 17:02:49 UTC · 4 stars

Exploit for CVE-2022-40684 vulnerability

github · Created 2022-10-15 16:51:25 UTC · 5 stars

Fortinet Critical Authentication Bypass Vulnerability (CVE-2022-40684) [ Mass Exploit ]

github · Created 2022-10-14 01:07:01 UTC · 5 stars

github · Created 2022-10-13 21:07:50 UTC · 15 stars

Exploit for CVE-2022-40684 affecting Fortinet FortiOS, FortiProxy, and FortiSwitchManager

github · Created 2022-10-13 18:13:59 UTC · 87 stars

PoC for CVE-2022-40684 - Authentication bypass lead to Full device takeover (Read-only)

github · Created 2022-10-13 14:24:12 UTC · 349 stars

A proof of concept exploit for CVE-2022-40684 affecting Fortinet FortiOS, FortiProxy, and FortiSwitchManager