Producing a POC for CVE-2022-42475 (Fortinet RCE)

Late last year a new remote code execution vulnerability was discovered in Fortinet’s SSLVPN service. Given the relative lack of information surrounding it at the time, and the fact I’d have some uninterrupted research time due to a lengthy flight, I decided to attempt to produce a POC for the vulnerability.

Continue reading Producing a POC for CVE-2022-42475 (Fortinet RCE)