CVE-2024-55591 PoC This repository contains an PoC (Proof of Concept) for CVE-2024-55591, a critical authentication bypass vulnerability discovered in Fortinet's FortiOS and FortiProxy products. Vulnerability Overview CVE-2024-55591 is an authentication bypass vulnerability caused by an alternative path or channel (CWE-288). The vulnerability affects FortiOS versions 7.0.0 to 7.0.16 and FortiProxy versions 7.0.0 to 7.0.19 and 7.2.0 to 7.2.12. A remote attacker can exploit this flaw to gain super-admin privileges by sending specially crafted requests to the Node.js WebSocket module. Details Base Score (CVSS): 9.8 (CRITICAL) NVD Published Date: 01/14/2025 Technical details Deep dive into CVE-2024-55591 Demo Usage “`python usage: CVE-2024-55591.py [-h] –target TARGET [–port PORT] –username USERNAME –command COMMAND [–debug] CVE-2024-55591 exploit by https://github.com/virus-or-not/ options: -h, –help show this help message and exit –target TARGET Target IP address –port PORT Target port (default: 443) –username USERNAME Admin account username –command COMMAND Command to execute (tip: you could specify multiple commands separated by n) –debug Enable debug mode (default: False) “` Affected Versions FortiOS: Versions 7.0.0 – 7.0.16 FortiProxy: Versions 7.0.0 – 7.0.19 Versions 7.2.0 – 7.2.12 Mitigation Fortinet has released patches to address this vulnerability. It is strongly…Read More
References
Back to Main