{"vulnerability": "CVE-2022-39952", "sightings": [{"uuid": "adceabc2-5b04-4d3e-a617-130e86347d6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "seen", "source": "MISP/d8e40798-9018-4ea0-af61-fb51ab351246", "content": "", "creation_timestamp": "2023-02-24T09:00:01.000000Z"}, {"uuid": "238f505d-04e6-434b-bd31-14883fdb2824", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-06)", "content": "", "creation_timestamp": "2025-02-06T00:00:00.000000Z"}, {"uuid": "a575b59a-2610-42af-8723-84344605ff6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-02-10)", "content": "", "creation_timestamp": "2025-02-10T00:00:00.000000Z"}, {"uuid": "7300dbdb-8f8d-4266-97fe-2d5dfcc0ec9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-01-26)", "content": "", "creation_timestamp": "2025-01-26T00:00:00.000000Z"}, {"uuid": "8c3311f3-ce0d-4854-999c-8aa658c181ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "64b8d54b-57b1-4505-90cd-ab6755403e35", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-10)", "content": "", "creation_timestamp": "2025-02-10T00:00:00.000000Z"}, {"uuid": "db11670a-2bec-420a-b5d4-cf996466951a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:48.000000Z"}, {"uuid": "256e98cc-f63e-4dce-bb0f-912ddb637914", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-15)", "content": "", "creation_timestamp": "2025-03-15T00:00:00.000000Z"}, {"uuid": "36f79254-7324-4123-8ee1-c6033f4e600e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-03-07)", "content": "", "creation_timestamp": "2025-03-07T00:00:00.000000Z"}, {"uuid": "3d2c58f9-6938-4ba9-96a0-13dfe0470f98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-02-22)", "content": "", "creation_timestamp": "2025-02-22T00:00:00.000000Z"}, {"uuid": "c338e685-37c2-463f-a1b5-b80cf258edee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-21)", "content": "", "creation_timestamp": "2025-02-21T00:00:00.000000Z"}, {"uuid": "d8d26362-b027-4216-ba84-a93a983839d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-27)", "content": "", "creation_timestamp": "2025-06-27T00:00:00.000000Z"}, {"uuid": "3ee6016e-a5cc-4a15-a85f-b2caa768a992", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-03-15)", "content": "", "creation_timestamp": "2025-03-15T00:00:00.000000Z"}, {"uuid": "3807c4be-c6e0-4cf5-888b-6deec4aa0090", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-01)", "content": "", "creation_timestamp": "2025-07-01T00:00:00.000000Z"}, {"uuid": "ceaa6572-48c0-4ac7-b4b5-5041bd8a54b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-07)", "content": "", "creation_timestamp": "2025-04-07T00:00:00.000000Z"}, {"uuid": "a4cb5a48-4dac-4587-8e93-8ccfeafaea3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-11)", "content": "", "creation_timestamp": "2025-04-11T00:00:00.000000Z"}, {"uuid": "bf76ec78-dc2c-4797-8887-4870f43ccc00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-14)", "content": "", "creation_timestamp": "2025-04-14T00:00:00.000000Z"}, {"uuid": "f6a8a5a3-4cd3-4cfa-860f-1fa8333eb426", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-05)", "content": "", "creation_timestamp": "2025-06-05T00:00:00.000000Z"}, {"uuid": "204469fb-65bc-4d9f-b086-8556618f9bb2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-23)", "content": "", "creation_timestamp": "2025-04-23T00:00:00.000000Z"}, {"uuid": "571836fd-0f5d-4ad8-8848-77934578f1d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:00.000000Z"}, {"uuid": "0e20e920-fc85-486e-8cc0-7beb1492fcf9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-04-24)", "content": "", "creation_timestamp": "2025-04-24T00:00:00.000000Z"}, {"uuid": "30e4ce4a-6319-4c3b-a9e3-1c104fc7febe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-25)", "content": "", "creation_timestamp": "2025-06-25T00:00:00.000000Z"}, {"uuid": "ee379cc5-e456-4b36-ba6f-0ac709ce2342", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-30)", "content": "", "creation_timestamp": "2025-06-30T00:00:00.000000Z"}, {"uuid": "9349b4a9-038a-49f6-bc03-287a6574769e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-17)", "content": "", "creation_timestamp": "2025-08-17T00:00:00.000000Z"}, {"uuid": "39525a82-0869-4bcc-9df0-2a273b3694e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/fortinac_keyupload_file_write.rb", "content": "", "creation_timestamp": "2023-03-14T16:24:18.000000Z"}, {"uuid": "73746765-f21b-40b8-91f4-c5fd345ab777", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-09)", "content": "", "creation_timestamp": "2025-11-09T00:00:00.000000Z"}, {"uuid": "5fe63d81-5ef6-449a-b0eb-f80aacebd92f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-09)", "content": "", "creation_timestamp": "2025-12-09T00:00:00.000000Z"}, {"uuid": "4281fe47-3267-44bd-b0ef-3d8a57f54f99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "seen", "source": "MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d", "content": "", "creation_timestamp": "2025-08-31T03:01:04.000000Z"}, {"uuid": "f245fd2b-44b9-4884-be79-a46245ec5ed2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "seen", "source": "https://bsky.app/profile/concisecyber.bsky.social/post/3m5vfnyobqh2x", "content": "", "creation_timestamp": "2025-11-18T09:15:44.052414Z"}, {"uuid": "e2ae2db0-5769-454f-b74d-65d7e53f0e46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-10)", "content": "", "creation_timestamp": "2026-02-10T00:00:00.000000Z"}, {"uuid": "1a60f37a-5aa2-4f77-9150-0ef0d8716454", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "seen", "source": "MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57", "content": "", "creation_timestamp": "2025-08-31T03:12:46.000000Z"}, {"uuid": "2c50c576-05b3-410e-8cb1-6ad7eee34357", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-05)", "content": "", "creation_timestamp": "2026-03-05T00:00:00.000000Z"}, {"uuid": "7cc34056-307a-4e00-9642-61c73a6a6cb8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-17)", "content": "", "creation_timestamp": "2025-12-17T00:00:00.000000Z"}, {"uuid": "519277d0-ef8d-47c5-bd8e-e1a2c0917b5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-10)", "content": "", "creation_timestamp": "2025-12-10T00:00:00.000000Z"}, {"uuid": "c553531a-f80c-44e6-8b8c-9e129385eb5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-19)", "content": "", "creation_timestamp": "2025-12-19T00:00:00.000000Z"}, {"uuid": "3913f2fd-f999-4d7e-9e94-8c84c48be5e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-12-18)", "content": "", "creation_timestamp": "2025-12-18T00:00:00.000000Z"}, {"uuid": "9e94def4-591c-467e-888f-37bccc8bc055", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-18)", "content": "", "creation_timestamp": "2025-12-18T00:00:00.000000Z"}, {"uuid": "94e61b06-7639-4137-bae5-acafd3790517", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-31)", "content": "", "creation_timestamp": "2025-12-31T00:00:00.000000Z"}, {"uuid": "333905a7-0b0b-4dec-9e7c-30921403c71c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-28)", "content": "", "creation_timestamp": "2025-12-28T00:00:00.000000Z"}, {"uuid": "ff4ff816-0edb-4ab1-829b-f69eb130ceaa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-01-05)", "content": "", "creation_timestamp": "2026-01-05T00:00:00.000000Z"}, {"uuid": "7adb5b4f-8cda-413d-a9b4-b80b57927412", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-01-02)", "content": "", "creation_timestamp": "2026-01-02T00:00:00.000000Z"}, {"uuid": "c55f2fa8-7955-4a1d-8d2c-00d21544f60a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-01-06)", "content": "", "creation_timestamp": "2026-01-06T00:00:00.000000Z"}, {"uuid": "145d8f42-416a-4122-88c0-c225284949b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-05)", "content": "", "creation_timestamp": "2026-01-05T00:00:00.000000Z"}, {"uuid": "5bb8758a-940e-4ebf-be08-c54eedc3ff04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-06)", "content": "", "creation_timestamp": "2026-01-06T00:00:00.000000Z"}, {"uuid": "25997396-aa83-4ca1-aa41-48591e6cc2b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-11)", "content": "", "creation_timestamp": "2026-01-11T00:00:00.000000Z"}, {"uuid": "d3149246-57ef-445e-8cb6-5fa995b75019", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-01-10)", "content": "", "creation_timestamp": "2026-01-10T00:00:00.000000Z"}, {"uuid": "1baa2456-742b-46f4-b8e7-155b4c6ca3bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-10)", "content": "", "creation_timestamp": "2026-01-10T00:00:00.000000Z"}, {"uuid": "c9a1b207-8362-4900-bf8c-94f77817d62b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-07)", "content": "", "creation_timestamp": "2026-01-07T00:00:00.000000Z"}, {"uuid": "7976eac9-f5ab-46f6-8375-5de1dcc17d07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-01-11)", "content": "", "creation_timestamp": "2026-01-11T00:00:00.000000Z"}, {"uuid": "9baf0ee4-1137-4a3c-90fc-a62158ee0863", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-20)", "content": "", "creation_timestamp": "2026-01-20T00:00:00.000000Z"}, {"uuid": "e21e3a7c-5663-436d-b6d8-67ffa379b4b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-11)", "content": "", "creation_timestamp": "2026-03-11T00:00:00.000000Z"}, {"uuid": "b0c2753d-87cc-4788-8481-4b177dff3cda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-15)", "content": "", "creation_timestamp": "2026-01-15T00:00:00.000000Z"}, {"uuid": "c8ef8f28-a426-4f1d-be04-45398f08f3da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-17)", "content": "", "creation_timestamp": "2026-01-17T00:00:00.000000Z"}, {"uuid": "d554e482-d52e-4ebd-bd75-81e709fc386a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-03-21)", "content": "", "creation_timestamp": "2026-03-21T00:00:00.000000Z"}, {"uuid": "53f50d08-9c93-467d-b775-0ed6438e924d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-01-12)", "content": "", "creation_timestamp": "2026-01-12T00:00:00.000000Z"}, {"uuid": "86fb741b-e32c-44ed-8db1-4830b593aa38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-14)", "content": "", "creation_timestamp": "2026-01-14T00:00:00.000000Z"}, {"uuid": "086fb958-0827-4451-bfe0-7036976f34e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-18)", "content": "", "creation_timestamp": "2026-01-18T00:00:00.000000Z"}, {"uuid": "92e1f8f6-a90c-4c65-b993-3ee3c6998d0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-19)", "content": "", "creation_timestamp": "2026-01-19T00:00:00.000000Z"}, {"uuid": "f1483a86-2fc8-43f1-8438-47c8b7b03c86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-23)", "content": "", "creation_timestamp": "2026-01-23T00:00:00.000000Z"}, {"uuid": "7140cda9-88fc-4658-83db-fbf94dbff521", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-05)", "content": "", "creation_timestamp": "2026-04-05T00:00:00.000000Z"}, {"uuid": "703b7b14-108f-43fb-ab6f-2b57cc570857", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-22)", "content": "", "creation_timestamp": "2026-01-22T00:00:00.000000Z"}, {"uuid": "0059e990-3633-48fe-ae05-3b6ac389647c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2022-39952", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=974", "content": "", "creation_timestamp": "2023-02-17T04:00:00.000000Z"}, {"uuid": "edea16f0-44a7-454b-b4e8-382429a02249", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "published-proof-of-concept", "source": "https://t.me/BleepingComputer/15579", "content": "Latest news and stories from BleepingComputer.com\nExploit released for critical Fortinet RCE flaw, patch now\n\nSecurity researchers have released a proof-of-concept exploit for a critical-severity vulnerability (CVE-2022-39952) in\u00a0Fortinet's FortiNAC network access control suite. [...]", "creation_timestamp": "2023-02-22T20:28:09.000000Z"}, {"uuid": "9a758dcc-2fe7-4e43-93af-508d7a9d6c8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-11)", "content": "", "creation_timestamp": "2026-04-11T00:00:00.000000Z"}, {"uuid": "91ecc20c-7a70-4fb7-b683-169d31a1fca8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-13)", "content": "", "creation_timestamp": "2026-04-13T00:00:00.000000Z"}, {"uuid": "fb11d0eb-7b79-4a4d-8ead-8d5233caca3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "seen", "source": "Telegram/xsTtApY3O8LYaQlwSLnV7xep0iYsFMDc8zjy5nUPKpyG", "content": "", "creation_timestamp": "2023-02-19T08:36:16.000000Z"}, {"uuid": "0177769d-348c-45f4-8df6-9e192090f8e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "seen", "source": "https://t.me/codeby_sec/7142", "content": "\u200b\u0422\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0430\u043d\u0430\u043b\u0438\u0437 Fortinet FortiNAC CVE-2022-39952\n\n\u0412 \u0447\u0435\u0442\u0432\u0435\u0440\u0433, 16 \u0444\u0435\u0432\u0440\u0430\u043b\u044f 2023 \u0433\u043e\u0434\u0430, \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Fortinet \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 PSIRT, \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u043c \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e \u043e\u043f\u0438\u0441\u0430\u043d\u0430 CVE-2022-39952, \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0430\u044f \u0435\u0435 \u043f\u0440\u043e\u0434\u0443\u043a\u0442 FortiNAC. \u042d\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u0430\u044f Gwendal Gu\u00e9gniaud \u0438\u0437 Fortinet, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0437\u0430\u043f\u0438\u0441\u0430\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0438 \u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c RCE \u043e\u0442 root'\u0430.\n\n\ud83d\udccc \u0427\u0438\u0442\u0430\u0442\u044c \u0434\u0430\u043b\u0435\u0435\n\n#fortiner #cve #analysis", "creation_timestamp": "2023-03-01T07:19:51.000000Z"}, {"uuid": "4ab66da0-f504-42c6-a516-8c00c0ce371e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "published-proof-of-concept", "source": "https://t.me/cKure/10703", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 CVE-2022-39952 (CVSS score 9.8) and CVE-2021-42756 are respectively an external control of file name or path in Fortinet FortiNAC and a collection of stack-based buffer overflow issues in the proxy daemon of FortiWeb.\n\nhttps://securityaffairs.com/142553/hacking/poc-exploit-code-fortinet-fortinac.html", "creation_timestamp": "2023-02-23T05:57:38.000000Z"}, {"uuid": "fb365fb6-952a-4a51-bb6f-144999a67cb6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "published-proof-of-concept", "source": "https://t.me/cKure/10693", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 Fortinet FortiNAC CVE-2022-39952 Deep-Dive, PoC and IOCs.\n\nAn external control of file name or path vulnerability [CWE-73] in FortiNAC webserver may allow an unauthenticated attacker to perform arbitrary write on the system.\n\n\ud83d\udd16PoC exploit here.\n\nUsage:\npython3 CVE-2022-39952.py --target IP --file payload", "creation_timestamp": "2023-02-21T14:05:40.000000Z"}, {"uuid": "d3fac344-4971-4c0e-a16a-978ebfe8f781", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "published-proof-of-concept", "source": "https://t.me/cKure/10690", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 Fortinet plugs critical security hole in FortiNAC, with a PoC incoming (CVE-2022-39952).\n\nhttps://www.helpnetsecurity.com/2023/02/20/cve-2022-39952/", "creation_timestamp": "2023-02-20T17:28:42.000000Z"}, {"uuid": "a159f78b-8665-417e-8571-1ac822f8d005", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "exploited", "source": "https://t.me/cKure/10712", "content": "\u25a0\u25a0\u25a0\u25a1\u25a1 Fortinet Fortinac CVE-2022-39952 floor has been exploited in the wild hours after the PoC exploit was released.\n\nhttps://securityaffairs.com/142621/hacking/fortinet-fortinac-cve-2022-39952-exploitation.html", "creation_timestamp": "2023-02-24T20:46:14.000000Z"}, {"uuid": "ad9dec71-88bb-4145-95e9-28f8b3454159", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "published-proof-of-concept", "source": "https://t.me/BleepingComputer/15562", "content": "\u200aExploit released for critical Fortinet RCE flaws, patch now\n\nSecurity researchers have released a proof-of-concept exploit for a critical-severity vulnerability (CVE-2022-39952) in\u00a0Fortinet's FortiNAC network access control suite. [...]\n\nhttps://www.bleepingcomputer.com/news/security/exploit-released-for-critical-fortinet-rce-flaws-patch-now/", "creation_timestamp": "2023-02-21T21:36:10.000000Z"}, {"uuid": "3969996b-92c5-42be-92be-fe38038e33e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "published-proof-of-concept", "source": "https://t.me/BleepingComputer/15559", "content": "Latest news and stories from BleepingComputer.com\nExploit released for critical Fortinet RCE flaws, patch now\n\nSecurity researchers have released a proof-of-concept exploit for a critical-severity vulnerability (CVE-2022-39952) in\u00a0Fortinet's FortiNAC network access control suite. [...]", "creation_timestamp": "2023-02-21T20:23:19.000000Z"}, {"uuid": "f77fc7c4-5d22-473e-9ec0-77541c7d32bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "exploited", "source": "https://t.me/BleepingComputer/15576", "content": "Latest news and stories from BleepingComputer.com\nHackers now exploit critical Fortinet bug to backdoor servers\n\nThreat actors are targeting\u00a0Internet-exposed Fortinet\u00a0appliances with exploits targeting CVE-2022-39952, an unauthenticated file path manipulation vulnerability in the FortiNAC webserver that can be abused for remote command execution. [...]", "creation_timestamp": "2023-02-22T20:26:29.000000Z"}, {"uuid": "492c72cc-ebe7-4c74-b00c-5fefd00a79c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "exploited", "source": "https://t.me/BleepingComputer/15573", "content": "\u200aHackers now exploit critical Fortinet bug to backdoor servers\n\nThreat actors are targeting\u00a0Internet-exposed Fortinet\u00a0appliances with exploits targeting CVE-2022-39952, an unauthenticated file path manipulation vulnerability in the FortiNAC webserver that can be abused for remote command execution. [...]\n\nhttps://www.bleepingcomputer.com/news/security/hackers-now-exploit-critical-fortinet-bug-to-backdoor-servers/", "creation_timestamp": "2023-02-22T20:06:44.000000Z"}, {"uuid": "4805a2db-88df-48a9-ae8e-8d7c9c0a2f11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "seen", "source": "https://t.me/poxek/2744", "content": "Fortinet FortiNAC Unauthenticated RCE\n\n\u0412 \u0447\u0435\u0442\u0432\u0435\u0440\u0433, 16 \u0444\u0435\u0432\u0440\u0430\u043b\u044f 2023 \u0433\u043e\u0434\u0430, \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Fortinet \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 PSIRT, \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u043c \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e \u043e\u043f\u0438\u0441\u0430\u043d\u0430 CVE-2022-39952, \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0430\u044f \u0435\u0435 \u043f\u0440\u043e\u0434\u0443\u043a\u0442 FortiNAC. \u042d\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u0430\u044f Gwendal Gu\u00e9gniaud \u0438\u0437 Fortinet, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0437\u0430\u043f\u0438\u0441\u0430\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0438 \u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c RCE \u043e\u0442 root'\u0430.\n\n#fortinet #CVE #POC", "creation_timestamp": "2023-02-27T12:09:10.000000Z"}, {"uuid": "2149415f-d3cd-4256-9a5b-e1570e001854", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "published-proof-of-concept", "source": "Telegram/L2RV6U3b5nVZIy3J1ic8uKCEFLD48HWA4eZnFzD5lipdDRQ", "content": "", "creation_timestamp": "2023-03-08T07:56:40.000000Z"}, {"uuid": "b0720e6f-610e-4b18-a942-5c9d24800220", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "published-proof-of-concept", "source": "https://t.me/ptswarm/160", "content": "Fortinet FortiNAC CVE-2022-39952 Deep-Dive and IOCs\n\n\ud83d\udc64 by Zach Hanley\n\nOn Thursday, 16 February 2022, Fortinet released a PSIRT that details CVE-2022-39952, a critical vulnerability affecting its FortiNAC product. This vulnerability, discovered by Gwendal Gu\u00e9gniaud of Fortinet, allows an unauthenticated attacker to write arbitrary files on the system and as a result obtain remote code execution in the context of the root user.\n\n\ud83d\udcdd Contents:\n\u25cf Introduction\n\u25cf Extracting the System\n\u25cf The Vulnerability\n\u25cf Weaponization of the Issue\n\u25cf Indicators of Compromise\n\nhttps://www.horizon3.ai/fortinet-fortinac-cve-2022-39952-deep-dive-and-iocs/", "creation_timestamp": "2023-02-22T06:18:06.000000Z"}, {"uuid": "00aaff58-7eac-4e31-859d-8d806667c513", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "published-proof-of-concept", "source": "Telegram/bluzvfahL1FEA3QvCDZTmn2HDQt8Wv1Nf8M23zEpMwUMhqw", "content": "", "creation_timestamp": "2023-03-08T07:56:22.000000Z"}, {"uuid": "ff6fe72f-05b6-428f-a9f0-12d551d004ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "published-proof-of-concept", "source": "Telegram/1a7NWt8bN1GelvhRSHqvS3B7-bq6UO2i8jRKwkER1HNo85Q", "content": "", "creation_timestamp": "2023-03-31T11:34:35.000000Z"}, {"uuid": "c3a819ad-c6d0-4034-99f7-cb4d0a79440a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "published-proof-of-concept", "source": "https://t.me/RAT070/350", "content": "CVE-2022-39952 : Fortinet FortiNAC - Unauthenticated RCE\u00a0 \nPOC :\n https://github.com/horizon3ai/CVE-2022-39952\n\n\n\n\n\u062a\u0645 \u0625\u0646\u0634\u0627\u0621 \u0647\u0630\u0627 \u0627\u0644\u0628\u0631\u0646\u0627\u0645\u062c \u0644\u0623\u063a\u0631\u0627\u0636 \u0627\u0644\u0628\u062d\u062b \u0627\u0644\u0623\u0643\u0627\u062f\u064a\u0645\u064a \u0641\u0642\u0637 \u0648\u0644\u062a\u0637\u0648\u064a\u0631 \u062a\u0642\u0646\u064a\u0627\u062a \u062f\u0641\u0627\u0639\u064a\u0629 \u0641\u0639\u0627\u0644\u0629 \u060c \u0648\u0644\u064a\u0633 \u0627\u0644\u063a\u0631\u0636 \u0645\u0646\u0647 \u0627\u0633\u062a\u062e\u062f\u0627\u0645\u0647 \u0644\u0645\u0647\u0627\u062c\u0645\u0629 \u0627\u0644\u0623\u0646\u0638\u0645\u0629 \u0628\u0627\u0633\u062a\u062b\u0646\u0627\u0621 \u0627\u0644\u0623\u0645\u0627\u0643\u0646 \u0627\u0644\u0645\u0635\u0631\u062d \u0628\u0647\u0627 \u0635\u0631\u0627\u062d\u0629\u064b. \u0645\u0634\u0631\u0641\u0648 \u0627\u0644\u0645\u0634\u0631\u0648\u0639 \u0644\u064a\u0633\u0648\u0627 \u0645\u0633\u0624\u0648\u0644\u064a\u0646 \u0623\u0648 \u0645\u0633\u0624\u0648\u0644\u064a\u0646 \u0639\u0646 \u0625\u0633\u0627\u0621\u0629 \u0627\u0633\u062a\u062e\u062f\u0627\u0645 \u0627\u0644\u0628\u0631\u0646\u0627\u0645\u062c. \u0627\u0633\u062a\u062e\u062f\u0645 \u0628\u0645\u0633\u0624\u0648\u0644\u064a\u0629.", "creation_timestamp": "2023-10-22T17:56:08.000000Z"}, {"uuid": "ddf0a8a0-3388-4606-9b10-2981a85d7c67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "exploited", "source": "https://t.me/ctinow/95289", "content": "Fortinet FortiNAC CVE-2022-39952 flaw exploited in the wild hours after the release of PoC exploit\n\nhttps://ift.tt/mrcOhHY", "creation_timestamp": "2023-02-23T21:06:24.000000Z"}, {"uuid": "eebe46e6-9048-4811-abe1-7db5d7f81fd0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "seen", "source": "https://t.me/ctinow/94711", "content": "PoC exploit, IoCs for Fortinet FortiNAC RCE released (CVE-2022-39952)\n\nhttps://ift.tt/V8F04Tk", "creation_timestamp": "2023-02-21T16:41:07.000000Z"}, {"uuid": "d8d25c78-e57d-4588-b85e-12bb25f29f96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "published-proof-of-concept", "source": "https://t.me/ctinow/94673", "content": "Fortinet FortiNAC CVE-2022-39952 Deep-Dive and IOCs\n\nhttps://ift.tt/Sq9uzft", "creation_timestamp": "2023-02-21T15:01:50.000000Z"}, {"uuid": "fb343e6f-b768-45c3-a534-49de702623c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "published-proof-of-concept", "source": "https://t.me/ctinow/94426", "content": "Fortinet plugs critical security hole in FortiNAC, with a PoC incoming (CVE-2022-39952)\n\nhttps://ift.tt/Gvx0Y8y", "creation_timestamp": "2023-02-20T07:21:35.000000Z"}, {"uuid": "25d2f421-567a-43a6-b83b-0540182e4bc1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-29)", "content": "", "creation_timestamp": "2026-04-29T00:00:00.000000Z"}, {"uuid": "84730254-8ed1-471e-8ebc-6eab44f2f623", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "published-proof-of-concept", "source": "https://t.me/WARLOCK_DARK_ARMY_OFFICIALS/1736", "content": "Fortinet FortiNAC Unauthenticated RCE\n\nPoC:\nhttps://github.com/horizon3ai/CVE-2022-39952\n\nResearch: \nhttps://www.horizon3.ai/fortinet-fortinac-cve-2022-39952-deep-dive-and-iocs/\n\n#fortinet #fortinac #rce #cve", "creation_timestamp": "2023-03-01T07:14:48.000000Z"}, {"uuid": "2db002ab-994e-4c0e-8b82-03d674de5e2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "published-proof-of-concept", "source": "Telegram/JStzExkQ5L9j-72iOnxfyDBcSxtmM8LMXHCAWu85VT4HSKs", "content": "", "creation_timestamp": "2023-02-21T18:42:03.000000Z"}, {"uuid": "6dc1d5c8-6077-4ccf-9857-0513547e70f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "published-proof-of-concept", "source": "Telegram/7uwVn_ACC1sP38xQWNSUhY9FlJBeOr0mtOpWUsYxOhHaDfM", "content": "", "creation_timestamp": "2023-02-26T12:28:36.000000Z"}, {"uuid": "216ed644-c3ef-42e3-9a96-58c71b9a2d78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "published-proof-of-concept", "source": "Telegram/X0DeSrdcPMWZNmND9iVB6SjJNhUyoh4IGXeNfo81nFIIiyk", "content": "", "creation_timestamp": "2023-02-21T21:01:43.000000Z"}, {"uuid": "732fcf8e-084a-490f-a733-e8f1d57d25ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "published-proof-of-concept", "source": "Telegram/JdLIVKVqF7N3r4MZogZKYSzXDVHH1BlYMt5IJB5974PanGQ", "content": "", "creation_timestamp": "2023-02-21T16:18:39.000000Z"}, {"uuid": "aff45189-09db-4182-bbe4-0539cbb2666f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/706", "content": "CVE-2022-39952 : Fortinet FortiNAC Deep-Dive and IOCs\nhttps://www.horizon3.ai/fortinet-fortinac-cve-2022-39952-deep-dive-and-iocs/", "creation_timestamp": "2023-02-24T18:30:00.000000Z"}, {"uuid": "45bd13a1-1b8c-498a-be1e-7dfb4a16cae0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1393", "content": "CVE-2022-39952 Fortinet FortiNAC \nCVSS score of 9.8\n\n\u041f\u0440\u043e\u0434\u0443\u043a\u0442\u044b, \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e:\n    FortiNAC version 9.4.0\n    FortiNAC version 9.2.0 through 9.2.5\n    FortiNAC version 9.1.0 through 9.1.7\n    FortiNAC 8.8 all versions\n    FortiNAC 8.7 all versions\n    FortiNAC 8.6 all versions\n    FortiNAC 8.5 all versions, and\n    FortiNAC 8.3 all versions\n\nPOC exploit\n\n#forti #poc", "creation_timestamp": "2023-02-21T15:48:48.000000Z"}, {"uuid": "c45cd9f7-52e5-4b93-888d-23c7633dbc93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "published-proof-of-concept", "source": "Telegram/WZPr1OwRePqVHQ5e_YvPZlA3Nw9YwdG_MVzdeLoxetPvIvg", "content": "", "creation_timestamp": "2023-04-13T06:33:05.000000Z"}, {"uuid": "2937ac3b-388d-41ff-b38e-cc95130677f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/705", "content": "CVE-2022-39952 : Fortinet FortiNAC - Unauthenticated RCE  \nPOC : https://github.com/horizon3ai/CVE-2022-39952", "creation_timestamp": "2023-02-23T06:30:00.000000Z"}, {"uuid": "0d27601c-2af3-489a-ba04-7a161f72ec9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "published-proof-of-concept", "source": "Telegram/Fq6TfgfJ5uAccya2ISlN0dAzRKndmEnMUXeam27My2Av-ZE", "content": "", "creation_timestamp": "2023-04-01T00:34:10.000000Z"}, {"uuid": "6eb176f3-6dbd-433c-941b-3ce63e580513", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "seen", "source": "https://t.me/true_secator/4536", "content": "Fortinet \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u043e\u0448\u0438\u0431\u043a\u0443 \u0432 FortiNAC, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0438 \u043a\u043e\u043c\u0430\u043d\u0434.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2023-33299 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0424\u043b\u043e\u0440\u0438\u0430\u043d\u043e\u043c \u0425\u0430\u0443\u0437\u0435\u0440\u043e\u043c \u0438\u0437 Code White \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u043e\u0446\u0435\u043d\u043a\u0443 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 9,6 \u0438\u0437 10.\n\n\u041f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u044e \u043d\u0435\u043d\u0430\u0434\u0435\u0436\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a RCE \u0431\u0435\u0437 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0445 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u043a \u0441\u043b\u0443\u0436\u0431\u0435 TCP/1050.\n\n\u041f\u0435\u0440\u0435\u0447\u0435\u043d\u044c \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 FortiNAC \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 9.4.0-9.4.2, 9.2.0-9.2.7, 9.1.0-9.1.9, 7.2.0-7.2.1, \u0430 \u0442\u0430\u043a\u0436\u0435 8.3, 8.5-8.8 (\u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438).\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u044b \u0432 9.4.3, 9.2.8, 9.1.10 \u0438 7.2.2 (\u0438\u043b\u0438 \u0432\u044b\u0448\u0435).\n\n\u041f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u043d\u0435 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u043b \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u043e \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044e \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0439, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u043d\u0438\u0447\u0435\u0433\u043e \u043d\u0435 \u043e\u0441\u0442\u0430\u0435\u0442\u0441\u044f \u043a\u0440\u043e\u043c\u0435, \u043a\u0430\u043a \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f.\n\n\u041d\u0430\u0440\u044f\u0434\u0443 \u0441 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 RCE, Fortinet \u0442\u0430\u043a\u0436\u0435 \u043e\u0431\u044a\u044f\u0432\u0438\u043b\u0430 \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 CVE-2023-33300, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0443\u044e \u0441 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u043e\u0439 \u043d\u0435\u043d\u0430\u0434\u043b\u0435\u0436\u0430\u0449\u0435\u0433\u043e \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0443\u044e FortiNAC 9.4.0-9.4.3 \u0438 7.2.0-7.2.1.\n\n\u041e\u043d\u0430 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u043d\u0435 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0435\u043c\u0443 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438, \u0441\u043a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0432 \u0434\u0440\u0443\u0433\u0438\u0435 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0435 \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0447\u0435\u0440\u0435\u0437 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0435 \u043f\u043e\u043b\u044f \u0432\u0432\u043e\u0434\u0430.\n\n\u041f\u0440\u0430\u0432\u0434\u0430, \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u043b\u0438\u0448\u044c \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c \u0441 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0432\u044b\u0441\u043e\u043a\u0438\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0441\u043a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c.\n\n\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u043e\u0441\u043e\u0431\u044b\u0439 \u0438\u043d\u0442\u0435\u0440\u0435\u0441 \u0441\u043e \u0441\u0442\u043e\u0440\u043e\u043d\u044b \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u043e\u0433\u043e \u043f\u043e\u0434\u043f\u043e\u043b\u044c\u044f \u043a \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u043c Fortinet, \u0430\u0434\u043c\u0438\u043d\u043e\u0432 \u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u043e\u0432 \u0418\u0411 \u0432\u043f\u0435\u0440\u0435\u0434\u0438 \u043e\u0436\u0438\u0434\u0430\u044e\u0442 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0438\u0432\u043d\u044b\u0435 \u0432\u044b\u0445\u043e\u0434\u043d\u044b\u0435.\n\n\u0412\u0435\u0434\u044c \u043a\u0430\u043a \u043c\u044b \u043f\u043e\u043c\u043d\u0438\u043c \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f RCE (CVE-2022-39952) \u0432 FortiNAC \u043f\u043e\u0441\u043b\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0432 \u0441\u0435\u0440\u0435\u0434\u0438\u043d\u0435 \u0444\u0435\u0432\u0440\u0430\u043b\u044f \u043d\u0430\u0447\u0430\u043b\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435 \u0431\u0443\u043a\u0432\u0430\u043b\u044c\u043d\u043e \u0447\u0435\u0440\u0435\u0437 \u043f\u0430\u0440\u0443 \u0434\u043d\u0435\u0439.\n\n\u041d\u043e, \u043f\u0440\u043e \u0432\u044b\u0445\u043e\u0434\u043d\u044b\u0435 - \u043f\u043e\u043f\u043e\u0437\u0436\u0435.", "creation_timestamp": "2023-06-23T17:20:05.000000Z"}, {"uuid": "e649fa96-81a0-4cef-b851-d7f0af232681", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "published-proof-of-concept", "source": "https://t.me/zero_day_uz/306", "content": "Fortinet FortiNAC Unauthenticated RCE\n\nPoC:\nhttps://github.com/horizon3ai/CVE-2022-39952\n\nResearch: \nhttps://www.horizon3.ai/fortinet-fortinac-cve-2022-39952-deep-dive-and-iocs/\n\n#fortinet #fortinac #rce #cve", "creation_timestamp": "2023-03-01T07:25:13.000000Z"}, {"uuid": "8efb68e8-4990-4c87-9725-8f02cdd1467c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityIL/19322", "content": "\u05e2\u05d5\u05d3 \u05dc\u05d0 \u05e2\u05d9\u05d3\u05db\u05e0\u05ea\u05dd? \u05e9\u05d5\u05d7\u05e8\u05e8 POC \u05dc\u05d7\u05d5\u05dc\u05e9\u05d4 \u05e7\u05e8\u05d9\u05d8\u05d9\u05ea \u05d1\u05de\u05d5\u05e6\u05e8 FortiNac \u05e9\u05dc \u05d7\u05d1\u05e8\u05ea Fortinet.\n\n\u05d4\u05d7\u05d5\u05dc\u05e9\u05d4 CVE-2022-39952 \u05de\u05d0\u05e4\u05e9\u05e8\u05ea \u05dc\u05ea\u05d5\u05e7\u05e3 \u05e9\u05dc\u05d0 \u05e2\u05d1\u05e8 \u05d6\u05d9\u05d4\u05d5\u05d9 \u05dc\u05db\u05ea\u05d5\u05d1 \u05e7\u05d1\u05e6\u05d9\u05dd \u05d5\u05dc\u05d4\u05e8\u05d9\u05e5 \u05e7\u05d5\u05d3 \u05de\u05e8\u05d7\u05d5\u05e7 \u05d1\u05de\u05db\u05e9\u05d9\u05e8\u05d9\u05dd \u05d4\u05e4\u05d2\u05d9\u05e2\u05d9\u05dd, \u05d4\u05d7\u05d5\u05dc\u05e9\u05d4 \u05e7\u05d9\u05d1\u05dc\u05d4 \u05d3\u05d9\u05e8\u05d5\u05d2 \u05e8\u05de\u05ea \u05e1\u05d9\u05db\u05d5\u05df \u05e9\u05dc 9.8. \ud83d\udea8\n\n\u05d4\u05de\u05d5\u05e6\u05e8\u05d9\u05dd \u05d5\u05d4\u05d2\u05e8\u05e1\u05d0\u05d5\u05ea \u05d1\u05d4\u05df \u05e7\u05d9\u05d9\u05de\u05ea \u05d4\u05d7\u05d5\u05dc\u05e9\u05d4 \u05de\u05d5\u05e4\u05d9\u05e2\u05d9\u05dd \u05db\u05d0\u05df.\n\u05d4-POC \u05e4\u05d5\u05e8\u05e1\u05dd \u05db\u05d0\u05df.\n\nhttps://t.me/CyberSecurityIL/2741\n\n#\u05d7\u05d5\u05dc\u05e9\u05d5\u05ea", "creation_timestamp": "2023-02-21T22:41:18.000000Z"}, {"uuid": "1dff2c4c-3f41-49aa-8938-ff7be155d5c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "seen", "source": "https://t.me/true_secator/4087", "content": "Fortinet \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f\u00a0\u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f 40 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439\u00a0\u0432 \u0441\u0432\u043e\u0435\u0439 \u043b\u0438\u043d\u0435\u0439\u043a\u0435 \u041f\u041e, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 FortiWeb, FortiOS, FortiNAC \u0438 FortiProxy.\n\n\u0414\u0432\u0430 \u0438\u0437 40 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432 \u043e\u0446\u0435\u043d\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u043a\u0430\u043a \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435, 15 \u2014 \u043a\u0430\u043a \u0432\u044b\u0441\u043e\u043a\u0438\u0435, 22 \u2014 \u043a\u0430\u043a \u0441\u0440\u0435\u0434\u043d\u0438\u0435 \u0438 \u043e\u0434\u0438\u043d \u2014 \u043a\u0430\u043a \u043d\u0438\u0437\u043a\u0438\u0439.\n\n\u041d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0430\u044f RCE-\u043e\u0448\u0438\u0431\u043a\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u0440\u0435\u0448\u0435\u043d\u0438\u0438 \u0434\u043b\u044f \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043a \u0441\u0435\u0442\u0438 FortiNAC (CVE-2022-39952) \u0438 \u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS: 9,8.\n\n\u041f\u0435\u0440\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0432\u043b\u0438\u044f\u044e\u0449\u0430\u044f \u043d\u0430 FortiNAC (\u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 9.4.0, \u0441 9.2.0 \u043f\u043e 9.2.5, \u0441 9.1.0 \u043f\u043e 9.1.7, 8.8, 8.7, 8.6, 8.5 \u0438 8.3), \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2022-39952\u00a0\u0438 \u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS v3 9,8 (\u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f).\n\nFortiNAC \u2014 \u044d\u0442\u043e \u0440\u0435\u0448\u0435\u043d\u0438\u0435 \u0434\u043b\u044f \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043a \u0441\u0435\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u043f\u043e\u043c\u043e\u0433\u0430\u0435\u0442 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u044f\u043c \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e \u0441\u0435\u0442\u0438 \u0432 \u0440\u0435\u0436\u0438\u043c\u0435 \u0440\u0435\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0432\u0440\u0435\u043c\u0435\u043d\u0438, \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0442\u044c \u043f\u043e\u043b\u0438\u0442\u0438\u043a\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0430\u0442\u044c \u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u0442\u044c \u0443\u0433\u0440\u043e\u0437\u044b.\n\n\u0412\u043d\u0435\u0448\u043d\u0438\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0438\u043c\u0435\u043d\u0435\u043c \u0444\u0430\u0439\u043b\u0430 \u0438\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u043f\u0443\u0442\u0438 [CWE-73] \u043d\u0430 \u0432\u0435\u0431-\u0441\u0435\u0440\u0432\u0435\u0440\u0435 FortiNAC \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u043d\u0435 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0435\u043c\u0443 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u0443\u044e \u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435. \u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u044b\u043b\u0438 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b \u0434\u043b\u044f \u0432\u0435\u0440\u0441\u0438\u0439 FortiNAC 7.2.0, 9.1.8, 9.1.8 \u0438 9.1.8.\n\n\u0412\u0442\u043e\u0440\u044b\u043c \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u043c \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u043c \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0431\u0443\u0444\u0435\u0440\u0430 \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 \u0441\u0442\u0435\u043a\u0430 \u0432 \u043f\u0440\u043e\u043a\u0441\u0438-\u0434\u0435\u043c\u043e\u043d\u0435 FortiWeb (CVE-2021-42756 \u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 CVSS: 9,3), \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u043d\u0435 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0435\u043c\u0443 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0445 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432.\n\n\u0418\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u043e, \u0447\u0442\u043e CVE, \u043f\u043e-\u0432\u0438\u0434\u0438\u043c\u043e\u043c\u0443, \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0435\u0449\u0435 \u0432 2021 \u0433\u043e\u0434\u0443, \u043d\u043e \u0434\u043e \u0441\u0438\u0445 \u043f\u043e\u0440 \u043d\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u043b\u0430\u0441\u044c. CVE-2021-42756 \u0432\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 \u0443\u043a\u0430\u0437\u0430\u043d\u043d\u044b\u0435 \u043d\u0438\u0436\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 FortiWeb (5.x, 6.0.7, 6.1.2, 6.2.6, 6.3.16 \u0438 6.4), \u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 FortiWeb 6.0.8, 6.1.3, 6.2.7, 6.3.17 \u0438 7.0.0.\n\n\u041f\u043e \u0441\u043b\u043e\u0432\u0430\u043c Fortinet, \u043e\u0431\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u044b\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u0430\u043c\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438.\n\nHorizon3 \u0437\u0430\u044f\u0432\u0438\u043b\u0430, \u0447\u0442\u043e \u043f\u043b\u0430\u043d\u0438\u0440\u0443\u0435\u0442 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u0442\u044c PoC \u0434\u043b\u044f \u043e\u0434\u043d\u043e\u0439 \u0438\u0437 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0431\u043b\u0438\u0436\u0430\u0439\u0448\u0435\u0435 \u0432\u0440\u0435\u043c\u044f, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u043a\u0440\u0430\u0439\u043d\u0435 \u0432\u0430\u0436\u043d\u043e, \u0447\u0442\u043e\u0431\u044b \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0431\u044b\u0441\u0442\u0440\u043e \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u043b\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f.", "creation_timestamp": "2023-02-20T09:47:48.000000Z"}, {"uuid": "17a5cb0b-0c9f-43c6-acd2-63ba9d3fbb1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/4101", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Horizon3 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 PoC \u0434\u043b\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 (CVE-2022-39952) \u0432 \u043f\u0430\u043a\u0435\u0442\u0435 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043a \u0441\u0435\u0442\u0438 FortiNAC \u043e\u0442 Fortinet.\n\nFortinet \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430 \u043e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0435 16 \u0444\u0435\u0432\u0440\u0430\u043b\u044f\u00a0\u0438 \u043e\u0446\u0435\u043d\u0438\u043b\u0430 \u0435\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u044c \u0432 9,8 \u0431\u0430\u043b\u043b\u043e\u0432. \u041f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a, \u043d\u0435 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0438\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438, \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0435\u0433\u043e \u0434\u043b\u044f \u0437\u0430\u043f\u0438\u0441\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0438 RCE \u0441 \u043d\u0430\u0438\u0432\u044b\u0441\u0448\u0438\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438.\n\n\u041e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u044f\u043c, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u043c FortiNAC 9.4.0, \u0441 9.2.0 \u043f\u043e 9.2.5, \u0441 9.1.0 \u043f\u043e 9.1.7, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u0432\u0435\u0442\u043e\u043a 8.8, 8.7, 8.6, 8.5 \u0438 8.3, \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0443\u0434\u0435\u043b\u044f\u0442\u044c \u043f\u0440\u0438\u043e\u0440\u0438\u0442\u0435\u0442\u043d\u043e\u0435 \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u044e \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\n\n\u041f\u043e\u043c\u0438\u043c\u043e \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438 \u043a\u043e\u0434\u0430 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 (\u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d \u0432 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0438 \u043d\u0430 GitHub) \u0440\u0435\u0441\u0441\u0435\u0440\u0447\u0435\u0440\u044b Horizon3 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0435 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u043e\u0432 \u0435\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438.\n\nPoC \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u0432 \u0441\u0435\u0431\u044f \u0437\u0430\u043f\u0438\u0441\u044c \u0437\u0430\u0434\u0430\u043d\u0438\u044f cron \u0432 /etc/cron.d/, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u0441\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u0435\u0442 \u043a\u0430\u0436\u0434\u0443\u044e \u043c\u0438\u043d\u0443\u0442\u0443, \u0447\u0442\u043e\u0431\u044b \u0438\u043d\u0438\u0446\u0438\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0440\u0435\u0432\u0435\u0440\u0441\u0438\u0432\u043d\u0443\u044e \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0443 root \u0434\u043b\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430, \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044f \u0435\u043c\u0443 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c RCE.\n\n\u0410\u043d\u0430\u043b\u0438\u0442\u0438\u043a\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438, \u0447\u0442\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f CVE-2022-39952 \u0443\u0434\u0430\u043b\u0438\u043b\u043e \u00abkeyUpload.jsp\u00bb, \u043a\u043e\u043d\u0435\u0447\u043d\u0443\u044e \u0442\u043e\u0447\u043a\u0443, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0430\u043d\u0430\u043b\u0438\u0437\u0438\u0440\u0443\u0435\u0442 \u0437\u0430\u043f\u0440\u043e\u0441\u044b \u043d\u0430 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440 \u00abkey\u00bb, \u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442 \u0435\u0433\u043e \u0432 \u0444\u0430\u0439\u043b \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438, \u0430 \u0437\u0430\u0442\u0435\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0435\u0442 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0439 bash \u00abconfigApplianceXml\u00bb.\n\n\u0421\u0446\u0435\u043d\u0430\u0440\u0438\u0439 bash \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0435\u0442 \u043a\u043e\u043c\u0430\u043d\u0434\u0443 \u00ab\u0440\u0430\u0441\u043f\u0430\u043a\u043e\u0432\u0430\u0442\u044c\u00bb \u0434\u043b\u044f \u0442\u043e\u043b\u044c\u043a\u043e \u0447\u0442\u043e \u0437\u0430\u043f\u0438\u0441\u0430\u043d\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430, \u043d\u043e \u043d\u0435\u043f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u043f\u0435\u0440\u0435\u0434 \u044d\u0442\u0438\u043c \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0439 \u0432\u044b\u0437\u044b\u0432\u0430\u0435\u0442 \u00abcd /\u00bb. \u0420\u0430\u0441\u043f\u0430\u043a\u043e\u0432\u043a\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442 \u0440\u0430\u0437\u043c\u0435\u0449\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b \u043f\u043e \u043b\u044e\u0431\u044b\u043c \u043f\u0443\u0442\u044f\u043c, \u0435\u0441\u043b\u0438 \u043e\u043d\u0438 \u043d\u0435 \u0432\u044b\u0445\u043e\u0434\u044f\u0442 \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u044b \u0442\u0435\u043a\u0443\u0449\u0435\u0433\u043e \u0440\u0430\u0431\u043e\u0447\u0435\u0433\u043e \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0430.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0441\u043e\u0437\u0434\u0430\u0442\u044c ZIP-\u0430\u0440\u0445\u0438\u0432, \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0449\u0438\u0439 \u043f\u043e\u043b\u0435\u0437\u043d\u0443\u044e \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0443, \u0443\u043a\u0430\u0437\u0430\u0432, \u043a\u0443\u0434\u0430 \u0435\u0435 \u043d\u0443\u0436\u043d\u043e \u0438\u0437\u0432\u043b\u0435\u0447\u044c, \u0430 \u0437\u0430\u0442\u0435\u043c \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0435\u0433\u043e \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u0443\u044e \u043a\u043e\u043d\u0435\u0447\u043d\u0443\u044e \u0442\u043e\u0447\u043a\u0443, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u043a\u043b\u044e\u0447\u0435\u0432\u043e\u0439 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440.\n\n\u041f\u0430\u0440\u0430\u043c\u0435\u0442\u0440 \u00abkey\u00bb \u0433\u0430\u0440\u0430\u043d\u0442\u0438\u0440\u0443\u0435\u0442, \u0447\u0442\u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u0437\u0430\u043f\u0440\u043e\u0441 \u0434\u043e\u0441\u0442\u0438\u0433\u043d\u0435\u0442 \u00abkeyUpload.jsp\u00bb, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043a\u043e\u043d\u0435\u0447\u043d\u043e\u0439 \u0442\u043e\u0447\u043a\u043e\u0439 \u0431\u0435\u0437 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u0443\u044e Fortinet \u0443\u0434\u0430\u043b\u0438\u043b \u0432 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 FortiNAC.\n\n\u0410\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c FortiNAC \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043d\u0435\u043c\u0435\u0434\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430, \u043d\u0435 \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2022-39952: \u0432 \u0447\u0430\u0441\u0442\u043d\u043e\u0441\u0442\u0438, FortiNAC 9.4.1 \u0438\u043b\u0438 \u0432\u044b\u0448\u0435, 9.2.6 \u0438\u043b\u0438 \u0432\u044b\u0448\u0435, 9.1.8 \u0438\u043b\u0438 \u043d\u043e\u0432\u0435\u0435 \u0438 7.2. .0 \u0438\u043b\u0438 \u043d\u043e\u0432\u0435\u0435.", "creation_timestamp": "2023-02-22T11:20:08.000000Z"}, {"uuid": "15f40e4b-b818-42a3-b2b3-f82f065cd467", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/2639", "content": "\ud83d\udd25\ud83d\udd25\ud83d\udd25Fortinet FortiNAC CVE-2022-39952 Deep-Dive, PoC and IOCs\nAn external control of file name or path vulnerability [CWE-73] in FortiNAC webserver may allow an unauthenticated attacker to perform arbitrary write on the system.\n\n\ud83d\udd16PoC exploit here", "creation_timestamp": "2023-02-21T14:50:17.000000Z"}, {"uuid": "5122c34e-84cb-4bdd-8ea0-d65ead4afccb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "published-proof-of-concept", "source": "https://t.me/xakep_ru/13663", "content": "\u0414\u043b\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 RCE-\u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 Fortinet \u0443\u0436\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442 \u0434\u043b\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 (CVE-2022-39952) \u0432 Fortinet FortiNAC. \u042d\u0442\u0430 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430, \u043e \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0441\u0442\u0430\u043b\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e \u043d\u0430 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435, \u043e\u0446\u0435\u043d\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u0432 9,8 \u0431\u0430\u043b\u043b\u0430 \u0438\u0437 10 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0445 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b \u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434 \u0441 \u043d\u0430\u0438\u0432\u044b\u0441\u0448\u0438\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438.\n\nhttps://xakep.ru/2023/02/22/fortinac-poc/", "creation_timestamp": "2023-02-22T12:36:38.000000Z"}, {"uuid": "c01ec206-8a9a-4ca8-8dee-00cef2b2d004", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "seen", "source": "https://t.me/theninjaway1337/1283", "content": "Fortinet emite patches para 40 falhas que afetam o FortiWeb, FortiOS, e FortiProxy\n\nA\u00a0Fortinet\u00a0lan\u00e7ou atualiza\u00e7\u00f5es de seguran\u00e7a para solucionar 40 vulnerabilidades em sua linha de software, incluindo FortiWeb, FortiOS, FortiNAS e FortiProxy, entre outros.\nDuas das\u00a040 falhas\u00a0s\u00e3o classificadas como Cr\u00edticas, 15 s\u00e3o classificadas como Altas, 22 s\u00e3o classificadas como M\u00e9dias e uma \u00e9 classificada como Baixa em gravidade.\nNo topo da lista est\u00e1 um bug grave que reside na solu\u00e7\u00e3o de controle de acesso \u00e0 rede FortiNAC (CVE-2022-39952, pontua\u00e7\u00e3o CVSS: 9,8) que pode levar \u00e0 execu\u00e7\u00e3o arbitr\u00e1ria do c\u00f3digo.\n\nhttps://boletimsec.com.br/fortinet-emite-patches-para-40-falhas-que-afetam-o-fortiweb-fortios-e-fortiproxy/", "creation_timestamp": "2023-02-21T12:20:53.000000Z"}, {"uuid": "693d27d7-3915-4f63-9b6c-54e200603dfe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "exploited", "source": "https://t.me/information_security_channel/49615", "content": "Fortinet FortiNAC Vulnerability Exploited in Wild Days After Release of Patch\nhttps://www.securityweek.com/fortinet-fortinac-vulnerability-exploited-in-wild-days-after-release-of-patch/\n\nHackers started exploiting the Fortinet FortiNAC vulnerability CVE-2022-39952 the same day a PoC exploit was released.\nThe post Fortinet FortiNAC Vulnerability Exploited in Wild Days After Release of Patch (https://www.securityweek.com/fortinet-fortinac-vulnerability-exploited-in-wild-days-after-release-of-patch/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2023-02-23T18:20:32.000000Z"}, {"uuid": "5f1cce61-bacf-49c5-9275-0cc4bfc856d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "seen", "source": "https://t.me/information_security_channel/49625", "content": "Fortinet Shares Clarifications on Exploitation of FortiNAC Vulnerability\nhttps://www.securityweek.com/fortinet-shares-clarifications-on-exploitation-of-fortinac-vulnerability/\n\nFortinet provides clarifications following \u2018sensationalized reports\u2019 related to exploitation attempts targeting the FortiNAC vulnerability CVE-2022-39952\nThe post Fortinet Shares Clarifications on Exploitation of FortiNAC Vulnerability (https://www.securityweek.com/fortinet-shares-clarifications-on-exploitation-of-fortinac-vulnerability/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2023-02-24T21:16:55.000000Z"}, {"uuid": "634ba036-ab5f-43d5-895a-697d3143d170", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-29)", "content": "", "creation_timestamp": "2026-04-29T00:00:00.000000Z"}, {"uuid": "a381ac26-498a-4e17-af14-6a7f498b4fcf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/459", "content": "\ud83d\udd25\ud83d\udd25\ud83d\udd25Fortinet FortiNAC CVE-2022-39952 Deep-Dive, PoC and IOCs\nAn external control of file name or path vulnerability [CWE-73] in FortiNAC webserver may allow an unauthenticated attacker to perform arbitrary write on the system.\n\n\ud83d\udd16PoC exploit here\nUsage:\npython3 CVE-2022-39952.py --target IP --file payload", "creation_timestamp": "2023-02-21T22:28:30.000000Z"}, {"uuid": "17a27e25-fde7-4dd4-843c-1c88d12b7532", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "seen", "source": "https://t.me/haccking/9212", "content": "\ud83d\udd24\ud83d\udd24\ud83d\udd24   \ud83d\udd24\ud83d\udd24\ud83d\udd24\ud83d\udd24\ud83d\udd24\ud83d\udd24\n\n\u0422\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0430\u043d\u0430\u043b\u0438\u0437 Fortinet FortiNAC CVE-2022-39952", "creation_timestamp": "2023-03-03T10:50:03.000000Z"}, {"uuid": "9d2f6e85-2a21-4990-8947-b556c19ea68b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "published-proof-of-concept", "source": "https://t.me/LearnExploit/4711", "content": "POC for CVE-2022-39952\n\nGithub\n\n#CVE #POC #Payload\n\u2014\u2014\u2014\u2014\u2014\u2014\n0Day.Today\n@LearnExploit\n@Tech_Army", "creation_timestamp": "2023-05-20T00:26:05.000000Z"}, {"uuid": "394eb987-91f5-4f20-8cfb-8fd20703d9af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7819", "content": "#exploit\nCVE-2022-39952:\nUnauthenticated RCE in Fortinet FortiNAC", "creation_timestamp": "2024-06-22T15:22:46.000000Z"}, {"uuid": "d088828a-95e8-494a-a3df-8296b363f413", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-05-05)", "content": "", "creation_timestamp": "2026-05-05T00:00:00.000000Z"}, {"uuid": "743e39be-e376-47bb-bcc6-2f2bd3b88825", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "seen", "source": "Telegram/gT5_rH6SbQjCDL5CnTfdxn2Fj6qxX4lRf2Kzqc0ICHxoeYM", "content": "", "creation_timestamp": "2023-04-02T20:32:57.000000Z"}, {"uuid": "6883ba85-ae7c-431a-9549-505bf7568826", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39952", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-05-07)", "content": "", "creation_timestamp": "2026-05-07T00:00:00.000000Z"}]}