一、 漏洞 CVE-2024-55591 基础信息
漏洞信息
# N/A
## 概述
FortiOS版本7.0.0至7.0.16和FortiProxy版本7.0.0至7.0.19以及7.2.0至7.2.12中存在一个认证绕过漏洞[CWE-288]。远程攻击者可以通过对Node.js websocket模块发送精心构造的请求,获得超级管理员权限。
## 影响版本
- FortiOS: 7.0.0 - 7.0.16
- FortiProxy: 7.0.0 - 7.0.19, 7.2.0 - 7.2.12
## 细节
该漏洞是由于认证绕过使用了替代路径或通道[CWE-288]。攻击者可以构造特定的HTTP请求,通过Node.js websocket模块进行身份验证绕过,从而获取系统的超级管理员权限。
## 影响
此漏洞允许远程攻击者获得对系统的完全控制权,造成重大安全隐患。
提示
尽管我们采用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。
神龙会尽力确保数据准确,但也请结合实际情况进行甄别与判断。
神龙祝您一切顺利!
神龙会尽力确保数据准确,但也请结合实际情况进行甄别与判断。
神龙祝您一切顺利!
漏洞标题
N/A
来源:美国国家漏洞数据库 NVD
漏洞描述信息
An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS version 7.0.0 through 7.0.16 and FortiProxy version 7.0.0 through 7.0.19 and 7.2.0 through 7.2.12 allows a remote attacker to gain super-admin privileges via crafted requests to Node.js websocket module.
来源:美国国家漏洞数据库 NVD
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
来源:美国国家漏洞数据库 NVD
漏洞类别
使用候选路径或通道进行的认证绕过
来源:美国国家漏洞数据库 NVD
漏洞标题
Fortinet FortiOS和FortiProxy 安全漏洞
来源:中国国家信息安全漏洞库 CNNVD
漏洞描述信息
Fortinet FortiOS和Fortinet FortiProxy都是美国飞塔(Fortinet)公司的产品。Fortinet FortiOS是一套专用于FortiGate网络安全平台上的安全操作系统。该系统为用户提供防火墙、防病毒、IPSec/SSLVPN、Web内容过滤和反垃圾邮件等多种安全功能。Fortinet FortiProxy是一种安全的网络代理,通过结合多种检测技术,如Web过滤、DNS过滤、DLP、反病毒、入侵防御和高级威胁保护,可以保护员工免受网络攻击。FortiProxy有助于减
来源:中国国家信息安全漏洞库 CNNVD
CVSS信息
N/A
来源:中国国家信息安全漏洞库 CNNVD
漏洞类别
其他
来源:中国国家信息安全漏洞库 CNNVD
二、漏洞 CVE-2024-55591 的公开POC
| # | POC 描述 | 源链接 | 神龙链接 |
|---|---|---|---|
| 1 | None | https://github.com/watchtowrlabs/fortios-auth-bypass-check-CVE-2024-55591 | POC详情 |
| 2 | Checks for authentication bypass vulnerability inFortinet's FortiOS, potentially exploited by remote attackers. | https://github.com/souzatyler/fortios-auth-bypass-check-CVE-2024-55591 | POC详情 |
| 3 | None | https://github.com/sysirq/fortios-auth-bypass-poc-CVE-2024-55591 | POC详情 |
| 4 | None | https://github.com/sysirq/fortios-auth-bypass-exploit-CVE-2024-55591 | POC详情 |
| 5 | Private CVE-2024-55591 | https://github.com/amfg145/Private-CVE-2024-55591. | POC详情 |
| 6 | CVE-2024-55591 Opening CMD (Command Line Interface), Creating a Superuser, and Managing VPN Groups | https://github.com/robomusk52/exp-cmd-add-admin-vpn-CVE-2024-55591 | POC详情 |
| 7 | None | https://github.com/watchtowrlabs/fortios-auth-bypass-poc-CVE-2024-55591 | POC详情 |
| 8 | An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS and FortiProxy may allow a remote attacker to gain super-admin privileges via crafted requests to Node.js websocket module. | https://github.com/virus-or-not/CVE-2024-55591 | POC详情 |
| 9 | A comprehensive all-in-one Python-based Proof of Concept script to discover and exploit a critical authentication bypass vulnerability (CVE-2024-55591) in certain Fortinet devices. | https://github.com/exfil0/CVE-2024-55591-POC | POC详情 |
| 10 | #PoC for CVE-2024-55591 Authentication bypass Affects: FortiOS 7.0.0 to 7.0.16 , FortiProxy 7.0.0 to 7.0.19 ,FortiProxy 7.2.0 to 7.2.12 | https://github.com/rawtips/CVE-2024-55591 | POC详情 |
| 11 | None | https://github.com/0x7556/CVE-2024-55591 | POC详情 |
| 12 | None | https://github.com/binarywarm/exp-cmd-add-admin-vpn-CVE-2024-55591 | POC详情 |
| 13 | Fortinet FortiOS is vulnerable to an information disclosure via service-worker.js that could allow an attacker to access sensitive information.This vulnerability affects FortiOS and could potentially lead to unauthorized access to the system. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2024/CVE-2024-55591.yaml | POC详情 |
三、漏洞 CVE-2024-55591 的情报信息
-
标题: PSIRT | FortiGuard Labs -- 🔗来源链接
标签:
- https://nvd.nist.gov/vuln/detail/CVE-2024-55591