Skip to content

expl0itsecurity/CVE-2024-23113

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
 
 

Repository files navigation

FortiOS and FortiProxy Format String Vulnerability to RCE (CVE-2024-23113)

Overview

CVE-2024-23113 The vulnerability lies in the format string, and because of it and the .py exploit, an attacker can send RCE commands without having administrator rights. Confidentiality, integrity and availability are affected.

Exploit:

Details

  • CVE ID: CVE-2024-23113
  • Published: 2024-10-15
  • Impact: Confidentiality
  • Exploit Availability: Not public, only private.
  • CVSS: 9.8

Vulnerability Description

It’s a Format String vulnerability, allows attacker to execute unauthorised code or commands via specially crafted packets.

The use of externally-controlled format string vulnerability [CWE-134] in FortiOS fgfmd daemon may allow a remote unauthenticated attacker to execute arbitrary code or commands via specially crafted requests. Allows attacker to execute unauthorized code or commands via specially crafted packets.

Affected Versions

Fortinet FortiOS versions

7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13,

FortiProxy versions

7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14,

FortiPAM versions

1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3,

FortiSwitchManager versions

7.2.0 through 7.2.3, 7.0.0 through 7.0.3

Running

To run exploit you need Python 3.9. Execute:

python exploit.py -h 10.10.10.10 -c 'uname -a'

Contact

For inquiries, please contact expl0itsecurity@exploit.in

Exploit:

image

About

No description, website, or topics provided.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published