CVE-2022-40684 Attacker Value Very High (2 users assessed) Exploitability Very High (2 users assessed) User Interaction None Privileges Required None Attack Vector Network 8 Disclosure Date: October 18, 2022• (Last updated May 04, 2025) ▾...
Exploitation Status GE Gas Power Product Security is not aware of any malicious attempts to exploit this vulnerability in customer equipment. Fortinet has had reports of exploited equipment in the field, and recommends looking for the following indicators of compromise (IOC) in the device's log ...
An unauthenticated, remote attacker could exploit this vulnerability by sending specially crafted requests to a vulnerable device. Successful exploitation would grant an attacker the ability to execute arbitrary code on the vulnerable device. The vulnerability was discovered by security ...
CVE-2022-40684 8 -41 9.8 0.95976 CVE-2020-17496 7 -9 9.8 0.97413 CVE-2018-20062 5 5 9.8 0.96823 CVE-2020-3452 5 0 7.5 0.97529 CVE-2018-17246 4 1 9.8 0.96827 CVE-2018-7600 4 2 9.8 0.9756 CVE-2019-12725 4 -4 9.8 0.9634 CVE-2019-9670 4 4 9.8 0.97216 CVE-2021-21985 4 2 9.8...
335 2024-08-14T03:11:31Z CVE-2022-40684 https://github.com/horizon3ai/CVE-2022-40684 A proof of concept exploit for CVE-2022-40684 affecting Fortinet FortiOS, FortiProxy, and FortiSwitchManager 463 2024-08-12T20:26:05Z CVE-2022-2588 https://github.com/Markakd/CVE-2022-2588 exploit for...
CVE-2022-21587:Oracle E-Business Suite 未授权RCE|Oracle E-BS CVE-2022-21587 Exploit Plugin for woodpecker-framwork Alibab-Nacos-Unauthorized-Login: Alibab Nacos <= 2.2.0 未授权访问「默认key生成jwt token」|Nacos-Authentication-Bypass-Poc |nacos_vul: Nacos身份验证绕过批量检测(QVD-2023-6271)+ ...
An unauthenticated, remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to a vulnerable device that has SSL VPN enabled. Successful exploitation would allow an attacker remote code or command execution on the device. Fortinet reports “potential” exploitati...
CVE-2022-424751134-106-8.5559.897.2% CVE-2022-248472260-262-10.39%7.239.7% CVE-2022-41040/CVE-2021-34473607-482-44.26%9.8n/a CVE-2020-89581532-1562-50.4857.298.1% CVE-2020-116253732-1938-34.18%5.346.2% Table 1. CVE targeting volumes for February, along with change from January, percent cha...
CVE-2022-39952:FortiNAC keyUpload zipslip 远程代码执行漏洞 CVE-2022-21587:Oracle E-Business Suite 未授权RCE|Oracle E-BS CVE-2022-21587 Exploit Plugin for woodpecker-framwork Alibab-Nacos-Unauthorized-Login: Alibab Nacos <= 2.2.0 未授权访问「默认key生成jwt token」|Nacos-Authentication-Bypass-Poc...
CVE-2022-39952:FortiNAC keyUpload zipslip 远程代码执行漏洞 CVE-2022-21587:Oracle E-Business Suite 未授权RCE|Oracle E-BS CVE-2022-21587 Exploit Plugin for woodpecker-framwork Alibab-Nacos-Unauthorized-Login: Alibab Nacos <= 2.2.0 未授权访问「默认key生成jwt token」|Nacos-Authentication-Bypass-Poc...