## https://sploitus.com/exploit?id=SAINT:3D9272E5DF5B68BC6BFFAC8C65DC1FDF
Added: 02/24/2023
### Background
[FortiNAC](<https://www.fortinet.com/products/network-access-control>) is a network access control solution.
### Problem
A vulnerability in the `**keyUpload.jsp**` resource allows remote attackers to write arbitrary files by uploading a specially crafted zip file, leading to command execution.
### Resolution
Upgrade to FortiNAC 7.2.0, 9.1.8, 9.2.6, 9.4.1 or higher.
### References
<https://www.fortiguard.com/psirt/FG-IR-22-300>
<https://www.horizon3.ai/fortinet-fortinac-cve-2022-39952-deep-dive-and-iocs/>
### Platforms
FortiNAC