Name		Name	Last commit message	Last commit date
parent directory ..
doc		doc
README.MD		README.MD

README.MD

CVE-2020-9290

[https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9290]

Install client

- - from section: FortiClient 6.2.3 and below for Windows

[https://www.forticlient.com/downloads]

doc

[https://docs.fortinet.com/product/forticlient/6.2]

Upload malicious `DLL` using `FortiClient`

- - H0w:

[https://docs.fortinet.com/document/forticlient/6.2.3/windows-release-notes/371487/introduction]

[https://docs.fortinet.com/document/forticlient/6.2.3/ems-administration-guide/614193/adding-a-custom-forticlient-installer]

[https://docs.fortinet.com/document/forticlient/6.2.3/windows-release-notes/503596/installation-information#Upgradin]

- - @ct10n:

execute arbitrary code on the system via uploading malicious Filter Library DLL files in that directory.

- - - - m0r#:

[https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9290]

That's it

:)