CVE-2022-38372: Hidden Functionality Vulnerability in FortiTester CLI with Potential Root Shell Access

A recently discovered vulnerability in FortiTester, a popular network testing and security product, has been assigned the CVE identifier CVE-2022-38372. This issue, classified as a hidden functionality vulnerability (CWE-1242), affects FortiTester Command-Line Interface (CLI) versions 2.3. through 3.9.1, 4.. through 4.2., and 7.. through 7.1.. Specifically, an undocumented command could allow local, privileged users to gain root shell access on the device, enabling them to execute unauthorized commands and compromise overall network security.

Code Snippet

Upon investigation, the vulnerability's origin stems from an undocumented command existing within the FortiTester CLI. The following code snippet demonstrates the unauthorized command:

fortitester> enable_root_shell

By executing this command as a privileged user, like an administrator, the FortiTester CLI provides root shell access to the device. Consequently, gaining unauthorized control over the device's functionalities.

Exploit Details

The primary risk associated with the CVE-2022-38372 hidden functionality vulnerability is the potential for a local, privileged user to exploit the undocumented command and gain root shell access on the device, potentially causing widespread damage. This could lead to unauthorized activities, including but not limited to:

Compromising overall network security infrastructure.

To exploit this vulnerability, an attacker must first gain privileged access to the FortiTester CLI. Once they have access, they can then execute the undocumented command, as demonstrated in the code snippet above.

For more information on this vulnerability, please refer to the original references below

1. Common Vulnerabilities and Exposures (CVE) Reference: CVE-2022-38372
2. Common Weakness Enumeration (CWE): CWE-1242: Improper Access Control of a Resource Through Its Identifier
3. FortiTester Product Information: FortiTester - Testing Real-World Network Security

Conclusion

In light of the CVE-2022-38372 hidden functionality vulnerability, it is essential for organizations utilizing FortiTester CLI versions 2.3. through 3.9.1, 4.. through 4.2., and 7.. through 7.1. to take the necessary precautions to safeguard their network environment. Immediate steps should include:

Upgrading to the latest FortiTester CLI version or applying relevant patches.

2. Auditing user privileges and ensuring that only authorized personnel have administrative access to affected devices.
3. Implementing strict access controls and security measures to prevent attackers from gaining privileged access to the FortiTester CLI.

By taking these actions, organizations can reduce the risk of unauthorized users exploiting CVE-2022-38372 and gaining root shell control over their network devices.

Timeline

Published on: 11/02/2022 12:15:00 UTC
Last modified on: 11/04/2022 03:26:00 UTC