Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-21762 PoC — Fortinet FortiOS 缓冲区错误漏洞

Source
https://github.com/cleverg0d/CVE-2024-21762-Checker
Associated Vulnerability
Title:Fortinet FortiOS 缓冲区错误漏洞 (CVE-2024-21762)
Description:Fortinet FortiOS是美国飞塔(Fortinet)公司的一套专用于FortiGate网络安全平台上的安全操作系统。该系统为用户提供防火墙、防病毒、IPSec/SSLVPN、Web内容过滤和反垃圾邮件等多种安全功能。 Fortinet FortiOS存在缓冲区错误漏洞,该漏洞源于存在越界写入,允许攻击者通过特制请求执行未经授权的代码或命令。
Description
This script performs vulnerability scanning for CVE-2024-21762, a Fortinet SSL VPN remote code execution vulnerability. It checks whether a given server is vulnerable to this CVE by sending specific requests and analyzing the responses.
Readme
# CVE-2024-21762-Checker
This script performs vulnerability scanning for CVE-2024-21762, a Fortinet SSL VPN remote code execution vulnerability. It checks whether a given server is vulnerable to this CVE by sending specific requests and analyzing the responses.
For more information, [see this Bishop Fox blog post](https://bishopfox.com/blog/cve-2024-21762-vulnerability-scanner-for-fortigate-firewalls)
Date of published exploit: **2024/02/28**
Vulnerable vesions: **FortiOS 6.0 to 7.4.2**
| FortiOS Version | Affected Versions    | Recommended Action         |
|-----------------|----------------------|----------------------------|
| FortiOS 7.6     | Not affected         | Not Applicable             |
| FortiOS 7.4     | 7.4.0 through 7.4.2  | Upgrade to 7.4.3 or above  |
| FortiOS 7.2     | 7.2.0 through 7.2.6  | Upgrade to 7.2.7 or above  |
| FortiOS 7.0     | 7.0.0 through 7.0.13 | Upgrade to 7.0.14 or above |
| FortiOS 6.4     | 6.4.0 through 6.4.14 | Upgrade to 6.4.15 or above |
| FortiOS 6.2     | 6.2.0 through 6.2.15 | Upgrade to 6.2.16 or above |
| FortiOS 6.0     | 6.0 all versions     | Migrate to a fixed release |

## Usage
The script supports two modes of operation:
Single check: You can provide a hostname and port as command-line arguments to check a single host.
```
python3 check-cve-2024-21762.py <IP> <PORT>
```
Mass scanning: You can provide a file containing a list of host URLs in the format hostname:port, and the script will scan each host listed in the file.
```
python3 check-cve-2024-21762.py host_URL.txt # <IP|Hostname>:<PORT>
```
For each host, the script sends two POST requests: a control request and a check request. Based on the responses received, it determines whether the server is vulnerable or patched. The output includes color-coded status messages for easy identification: Vulnerable status is displayed in red, while Patched status is displayed in green. Additionally, it provides warning messages if the server does not appear to be a Fortinet SSL VPN interface or if the connection fails.
File Snapshot

 [4.0K]  /data/pocs/e69092200802ddc195e51065ce8ac50646c2f076
├── [3.3K]  check-cve-2024-21762.py
├── [ 34K]  LICENSE
└── [2.0K]  README.md

0 directories, 3 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.