Lucene search
K

24 matches found

GithubExploit
GithubExploit
added 2026/02/27 6:13 p.m.192 views

Exploit for Numeric Truncation Error in Fortinet Fortios

CVE-2022-42475 Background This is the exploit for the blog...

9.8CVSS6.1AI score0.99474EPSS
Exploits11
RedhatCVE
RedhatCVE
added 2026/01/09 8:43 a.m.9 views

CVE-2022-42475

A heap-based buffer overflow vulnerability CWE-122 in FortiOS SSL-VPN 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0 through 6.4.10, 6.2.0 through 6.2.11, 6.0.15 and earlier and FortiProxy SSL-VPN 7.2.0 through 7.2.1, 7.0.7 and earlier may allow a remote unauthenticated attacker to execute...

9.8CVSS8.7AI score0.99474EPSS
Exploits11References1
GithubExploit
GithubExploit
added 2024/11/14 2:41 p.m.283 views

Exploit for Out-of-bounds Write in Fortinet Fortiproxy

Usage: python3 cve-2022-42475.py rhost rport lhost lport Exempl...

9.8CVSS10AI score0.99474EPSS
Exploits19
The Hacker News
The Hacker News
added 2024/09/10 3:48 p.m.43 views

CosmicBeetle Deploys Custom ScRansom Ransomware, Partnering with RansomHub

The threat actor known as CosmicBeetle has debuted a new custom ransomware strain called ScRansom in attacks targeting small- and medium-sized businesses SMBs in Europe, Asia, Africa, and South America, while also likely working as an affiliate for RansomHub. "CosmicBeetle replaced its previously...

10CVSS7.4AI score0.99512EPSS
Exploits153
The Hacker News
The Hacker News
added 2024/06/19 3:9 p.m.97 views

UNC3886 Uses Fortinet, VMware 0-Days and Stealth Tactics in Long-Term Spying

The China-nexus cyber espionage actor linked to the zero-day exploitation of security flaws in Fortinet, Ivanti, and VMware devices has been observed utilizing multiple persistence mechanisms in order to maintain unfettered access to compromised environments. "Persistence mechanisms encompassed...

9.8CVSS8AI score0.99474EPSS
Exploits13
The Hacker News
The Hacker News
added 2024/02/07 6:29 a.m.114 views

Chinese Hackers Exploited FortiGate Flaw to Breach Dutch Military Network

Chinese state-backed hackers broke into a computer network that's used by the Dutch armed forces by targeting Fortinet FortiGate devices. "This computer network was used for unclassified research and development R&D," the Dutch Military Intelligence and Security Service MIVD said in a statement...

9.8CVSS9.9AI score0.99474EPSS
Exploits11
ICS
ICS
added 2023/09/07 12:0 p.m.88 views

Multiple Nation-State Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475

Actions to take today to mitigate malicious cyber activity: 1. Patch all systems for known exploited vulnerabilities KEVs, including firewall security appliances. 2. Monitor for unauthorized use of remote access software using endpoint detection tools. 3. Remove unnecessary disabled accounts and...

10CVSS10AI score0.99999EPSS
Exploits375References152
GithubExploit
GithubExploit
added 2023/06/21 9:22 p.m.391 views

Exploit for Out-of-bounds Write in Fortinet Fortios

CVE-2022-42475 Background This is the exploit for the blog...

9.8CVSS9.8AI score0.99474EPSS
Exploits11
GithubExploit
GithubExploit
added 2023/03/23 6:48 a.m.10 views

Exploit for Out-of-bounds Write in Fortinet Fortios

CVE-2022-42475-RCE-POC Vulnerability Name CVE-2022-4247...

9.8CVSS8AI score0.99474EPSS
Exploits11
GithubExploit
GithubExploit
added 2023/03/23 6:48 a.m.660 views

Exploit for Out-of-bounds Write in Fortinet Fortios

CVE-2022-42475-RCE-POC Vulnerability Name CVE-2022-4247...

9.8CVSS8AI score0.99474EPSS
Exploits11
GithubExploit
GithubExploit
added 2023/03/16 12:5 a.m.392 views

Exploit for Out-of-bounds Write in Fortinet Fortios

FortiOS SSL-VPN buffer overflow vulnerability cve-2022-424...

9.8CVSS10AI score0.99474EPSS
Exploits11
GithubExploit
GithubExploit
added 2023/02/23 10:4 a.m.475 views

Exploit for Out-of-bounds Write in Fortinet Fortios

cve-2022-42475 POC code to exploit the Heap overflow in For...

9.8CVSS9.9AI score0.99474EPSS
Exploits11
hivepro
hivepro
added 2023/01/23 3:34 a.m.107 views

New BOLDMOVE Backdoor uses FortiOS vulnerability for initial access

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A suspected China-nexus campaign has exploited a vulnerability in Fortinets FortiOS SSL-VPN, known as CVE-2022-42475. The exploitation was believed to have occurred as early as October 2022 and the targe...

2.7AI score0.99474EPSS
Exploits11
The Hacker News
The Hacker News
added 2023/01/13 9:41 a.m.102 views

FortiOS Flaw Exploited as Zero-Day in Attacks on Government and Organizations

A zero-day vulnerability in FortiOS SSL-VPN that Fortinet addressed last month was exploited by unknown actors in attacks targeting governments and other large organizations. "The complexity of the exploit suggests an advanced actor and that it is highly targeted at governmental or...

9.8CVSS1.8AI score0.99474EPSS
Exploits11
Trellix
Trellix
added 2023/01/04 12:0 a.m.84 views

The Bug Report December 2022 Edition

The Bug Report — December 2022 Edition By Trellix · January 4, 2023 This story was also written by John Borrero Rodriguez Everyone gets it Why am I here? Ho Ho Ho! Welcome back to the Bug Report, or a more fitting name for this time of year: The NAUGHTY List! Yes, we checked it twice. It is no...

9.2AI score0.99474EPSS
Exploits14
OSV
OSV
added 2023/01/02 9:15 a.m.4 views

CVE-2022-42475

A heap-based buffer overflow vulnerability CWE-122 in FortiOS SSL-VPN 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0 through 6.4.10, 6.2.0 through 6.2.11, 6.0.15 and earlier and FortiProxy SSL-VPN 7.2.0 through 7.2.1, 7.0.7 and earlier may allow a remote unauthenticated attacker to execute...

9.8CVSS7.8AI score0.99474EPSS
Exploits11References2
Vulnrichment
Vulnrichment
added 2023/01/02 8:18 a.m.24 views

CVE-2022-42475

A heap-based buffer overflow vulnerability CWE-122 in FortiOS SSL-VPN 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0 through 6.4.10, 6.2.0 through 6.2.11, 6.0.15 and earlier and FortiProxy SSL-VPN 7.2.0 through 7.2.1, 7.0.7 and earlier may allow a remote unauthenticated attacker to execute...

9.8CVSS8.7AI score0.99474EPSS
Exploits11References1
CVE
CVE
added 2023/01/02 8:18 a.m.996 views

CVE-2022-42475

Fortinet FortiOS SSL-VPN (and FortiProxy SSL-VPN) suffer a heap-based buffer overflow (CWE-122) leading to remote code execution. A remote unauthenticated attacker can trigger via crafted requests, affecting FortiOS/FortiProxy versions up to 7.2.2, 7.0.x, 6.4.x, 6.2.x, 6.0.x and earlier. CVSS v3....

9.8CVSS9.9AI score0.99474EPSS
In wildExploits11References2Affected Software1
hivepro
hivepro
added 2022/12/13 11:11 a.m.55 views

Active exploitation of the Fortinet pre-auth RCE vulnerability

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Fortinet has addressed a critical security flaw in its FortiOS SSL-VPN product, which is being actively exploited in the wild. The heap-based buffer overflow bug in FortiOS sslvpnd is listed as...

2AI score0.99474EPSS
Exploits11
The Hacker News
The Hacker News
added 2022/12/13 3:34 a.m.101 views

Fortinet Warns of Active Exploitation of New SSL-VPN Pre-auth RCE Vulnerability

Fortinet on Monday issued emergency patches for a severe security flaw affecting its FortiOS SSL-VPN product that it said is being actively exploited in the wild. Tracked as CVE-2022-42475 CVSS score: 9.3, the critical bug relates to a heap-based buffer overflow vulnerability that could allow an...

9.8CVSS3.8AI score0.99984EPSS
Exploits36
Rows per page
Query Builder