A vulnerability was discovered in Fortinet's FortiOS, FortiProxy, and FortiSwitchManager that allows attackers to bypass authentication and log in as admin.
Security researchers developed a proof of concept exploit for this vulnerability.
Attackers can upload their own SSH keys to the Fortinet device via the web server.
Login attempts to SSH on the Fortinet device can lead to lockout after 3 failed attempts.
Users are advised to create an RSA key pair for SSH when attempting to log in.
A proof-of-concept exploit for CVE-2022-40684 is available on GitHub.
The exploit involves pointing it at the target system's IP address, defining the username to exploit, and sending the key file for the SSH user to the server.
By successfully adding the key file to the SSH server, attackers can log in as admin and gain complete control of the Fortinet device.
Once logged in as admin, attackers can manipulate the device, monitor traffic, and perform various actions.
Vulnerabilities in VPNs and routers pose significant security risks, as many devices lack basic cybersecurity practices.
Testing the security of these devices is crucial and is a necessary aspect of any pentest or cyberwar strategy.
There is a call to attend upcoming VPN and Router Hacking training to learn techniques for testing and hacking vulnerable devices.
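Because the attack described above ends with an SSH key attached to the admin account, one check is to audit a FortiOS configuration backup for admin SSH keys that nobody approved. The following is an added example, not code from the original page or from Fortinet; it assumes the backup uses the `config system admin` table with `ssh-public-key1` to `ssh-public-key3` settings, and the function names, sample configuration and key blobs are constructed for illustration.

```python
import base64
import hashlib
import re

KEY_RE = re.compile(r'set (ssh-public-key[1-3]) "(\S+) ([A-Za-z0-9+/=]+)(?: [^"]*)?"')

def fingerprint(b64_blob):
    """OpenSSH-style SHA256 fingerprint of a base64 public-key blob."""
    digest = hashlib.sha256(base64.b64decode(b64_blob)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def admin_ssh_keys(config_text):
    """Yield (admin, setting, key_type, fingerprint) from 'config system admin'."""
    depth, user = 0, None
    for raw in config_text.splitlines():
        line = raw.strip()
        if depth == 0:
            depth = 1 if line == "config system admin" else 0
        elif line.startswith("config "):
            depth += 1            # nested table inside an admin entry
        elif line == "end":
            depth -= 1
        elif depth == 1 and line.startswith("edit "):
            user = line[5:].strip('"')
        elif depth == 1 and (m := KEY_RE.match(line)):
            yield user, m.group(1), m.group(2), fingerprint(m.group(3))

def unapproved_keys(config_text, approved):
    """Keys on admin accounts whose fingerprint is not in the approved set."""
    return [k for k in admin_ssh_keys(config_text) if k[3] not in approved]

# Constructed sample data: the blobs are placeholders, not real RSA keys.
APPROVED_BLOB = base64.b64encode(b"constructed-approved-key").decode()
UNKNOWN_BLOB = base64.b64encode(b"constructed-unknown-key").decode()
SAMPLE_CONFIG = f'''config system admin
    edit "admin"
        set accprofile "super_admin"
        set ssh-public-key1 "ssh-rsa {APPROVED_BLOB} ops@example.test"
        set ssh-public-key2 "ssh-rsa {UNKNOWN_BLOB}"
    next
    edit "auditor"
        set accprofile "read_only"
    next
end
'''

if __name__ == "__main__":
    for user, setting, ktype, fp in unapproved_keys(SAMPLE_CONFIG, {fingerprint(APPROVED_BLOB)}):
        print(f"unapproved key on {user}: {setting} {ktype} {fp}")
```

The approved set would hold the fingerprints of the keys your administrators actually issued; any key reported outside it on an admin account warrants investigation.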