关联漏洞
标题:
Fortinet FortiOS 缓冲区错误漏洞
(CVE-2024-21762)
描述:Fortinet FortiOS是美国飞塔(Fortinet)公司的一套专用于FortiGate网络安全平台上的安全操作系统。该系统为用户提供防火墙、防病毒、IPSec/SSLVPN、Web内容过滤和反垃圾邮件等多种安全功能。 Fortinet FortiOS存在缓冲区错误漏洞,该漏洞源于存在越界写入,允许攻击者通过特制请求执行未经授权的代码或命令。
描述
The PoC demonstrates the potential for remote code execution by exploiting the identified security flaw.
介绍
# 🇮🇱 **#BringThemHome #NeverAgainIsNow** 🇮🇱
**We demand the safe return of all citizens who have been taken hostage by the terrorist group Hamas. We will not rest until every hostage is released and returns home safely. You can help bring them back home.
https://stories.bringthemhomenow.net/**
# CVE-2024-21762
The PoC demonstrates the potential for remote code execution by exploiting the identified security flaw in FortiGate.
**CVE-2024-21762 PoC :bomb:**
#Description
This repository contains a Python exploit targeting a vulnerability in FortiGate, a next-generation firewall. The exploit takes advantage of a security flaw to execute arbitrary code on the target system.
Features :rocket:
Crafted payload to exploit the vulnerability
Custom ROP (Return Oriented Programming) chain for remote code execution
HTTP request crafting for remote exploitation
Usage :computer:
Ensure you have Python installed on your system.
Clone this repository to your local machine.
Modify the exploit code to customize the payload if necessary.
Run the exploit script using Python.
python fortigate_exploit.py
#**Disclaimer :warning:**
This exploit is provided for educational and research purposes only. Use it responsibly and only on systems you own or have explicit permission to test.
文件快照
[4.0K] /data/pocs/a7027715734475c2e3ac895d3cf60ba252e24566
├── [1.5K] PoC.py
└── [1.3K] README.md
0 directories, 2 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。