New auth bypass bug targets FortiGate firewalls and FortiProxy web proxies

A Fortinet vulnerability in FortiGate firewalls and FortiProxy web proxies could allow a threat actor to perform unauthorized actions on vulnerable devices.

Fortinet has issued security updates to fix the vulnerability and has urged customers in private alert to disable remote management interfaces on affected devices “with utmost urgency.”

The bug, a critical bug traced as CVE-2022-40684, has a severity of 9.6 and affects some versions, including: FortiOS from 7.0.0 to 7.0.6 and from 7.2.0 to 7.2.1; FortiProxy from 7.0.0 to 7.0.6 and 7.2.0. It has however been addressed in FortiOS versions 7.0.7 and 7.2.2, and FortiProxy versions 7.0.7 and 7.2.1 released this week.

Fortinet explained that the vulnerability is related to an authentication bypass vulnerability that could allow an unauthenticated threat actor to perform arbitrary operations on the administrative interface via a specially crafted HTTP(S) request.

Security experts from provided a proof-of-concept (PoC) exploit and a technical analysis of the root cause of the vulnerability. This exploit can exploit the authentication bypass flaw to set an SSH key for the user, which is specified from the command line when the Python script is started. researchers explained that attackers can also compromise systems by changing the administrators’ SSH keys to allow the attacker to log into the compromised system; add new local users; update network configurations to redirect traffic; download the system configuration and initiate packet captures to collect other sensitive system information.

The sources for this piece include an article in BleepingComputer.

IT World Canada Staff
IT World Canada Staff
The online resource for Canadian Information Technology professionals.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

ITW in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

More Best of The Web