Fortigate OS 4.x < 5.0.7 – SSH Backdoor

SOURCE: https://www.exploit-db.com/exploits/39224/

This remote exploit which allows remote attackers to obtain administrative access via an SSH session

Affected device:
-FortiAnalyzer before 5.0.12 and 5.2.x before 5.2.5
-FortiSwitch 3.3.x before 3.3.3; FortiCache 3.0.x before 3.0.8
-FortiOS 4.1.x before 4.1.11, 4.2.x before 4.2.16, 4.3.x before 4.3.17 and 5.0.x before 5.0.8

# mv 39224.py fgt_ssh_backdoor.py
# chmod 744 fgt_ssh_backdoor.py
# ./fgt_ssh_backdoor.py targetip
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s