Exploit for #VU72373 External Control of File Name or Path in FortiNAC
Vulnerability identifier: #VU72373
Vulnerability risk: Critical
CVSSv3.1: 8.2 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-73
Exploitation vector: Network
Exploits in database: 4
- May 7, 2023
- March 14, 2023
- Fortinet FortiNAC keyUpload.jsp arbitrary file write [Metasploit]
- February 22, 2023
- February 21, 2023
Impact: Code execution
Vulnerable software:
FortiNAC
Server applications /
IDS/IPS systems, Firewalls and proxy servers
Vendor: Fortinet, Inc
