CVE-2024-23113 The vulnerability lies in the format string, and because of it and the .py exploit, an attacker can send RCE commands without having administrator rights. Confidentiality, integrity and availability are affected.
- CVE ID: CVE-2024-23113
- Published: 2024-10-15
- Impact: Confidentiality
- Exploit Availability: Not public, only private.
- CVSS: 9.8
It’s a Format String vulnerability, allows attacker to execute unauthorised code or commands via specially crafted packets.
The use of externally-controlled format string vulnerability [CWE-134] in FortiOS fgfmd daemon may allow a remote unauthenticated attacker to execute arbitrary code or commands via specially crafted requests. Allows attacker to execute unauthorized code or commands via specially crafted packets.
Fortinet FortiOS versions
7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13,
FortiProxy versions
7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14,
FortiPAM versions
1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3,
FortiSwitchManager versions
7.2.0 through 7.2.3, 7.0.0 through 7.0.3
To run exploit you need Python 3.9. Execute:
python exploit.py -h 10.10.10.10 -c 'uname -a'
For inquiries, please contact expl0itsecurity@exploit.in