Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1020 CNY

100%
Buy Us a Coffee

CVE-2024-55591 PoC — Fortinet FortiOS和FortiProxy 安全漏洞

Source
https://github.com/0x7556/CVE-2024-55591
Associated Vulnerability
Title:Fortinet FortiOS和FortiProxy 安全漏洞 (CVE-2024-55591)
Description:An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS version 7.0.0 through 7.0.16 and FortiProxy version 7.0.0 through 7.0.19 and 7.2.0 through 7.2.12 allows a remote attacker to gain super-admin privileges via crafted requests to Node.js websocket module.
Readme
# FortiGate CVE-2024-55591

### 1Scan最新版

https://github.com/0x7556/1Scan

#### 影响版本

    FortiOS 7.0.0 through 7.0.16
    FortiProxy 7.0.0 through 7.0.19
    FortiProxy 7.2.0 through 7.2.12

#### POC单个检测

```Bash
./poc 10.10.1.1
./poc http://10.10.1.1
```

#### 1Scan 批量

```Bash
./1scan 10.10.1.1
./1scan 10.10.1.1/24
./1scan 10.10.1.1/c
./1scan 10.10.1.1/b
./1scan http://10.10.1.1
./1scan ip.txt
./1scan ipc.txt
./1scan ipb.txt
./1scan url.txt
```

单个URL或IP
![image](https://github.com/0x7556/1Scan/blob/main/CVE-2024-55591.png)

批量检测 url.txt
![image](https://github.com/0x7556/1Scan/blob/main/CVE-2024-55591-more.png)

PS:工具只显示成功结果,不显示过程,为了方便在手机或平板下一键渗透

### Link
https://github.com/watchtowrlabs/fortios-auth-bypass-poc-CVE-2024-55591
File Snapshot

 [4.0K]  /data/pocs/445cf396fbe31267a92b4abdd38782f0f283e8a2
├── [ 79K]  CVE-2024-55591.png
└── [ 845]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →