Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-55591 PoC — Fortinet FortiOS和FortiProxy 安全漏洞

Source
https://github.com/robomusk52/exp-cmd-add-admin-vpn-CVE-2024-55591
Associated Vulnerability
Title:Fortinet FortiOS和FortiProxy 安全漏洞 (CVE-2024-55591)
Description:An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS version 7.0.0 through 7.0.16 and FortiProxy version 7.0.0 through 7.0.19 and 7.2.0 through 7.2.12 allows a remote attacker to gain super-admin privileges via crafted requests to Node.js websocket module.
Description
CVE-2024-55591 Opening CMD (Command Line Interface), Creating a Superuser, and Managing VPN Groups
Readme
# CVE-2024-55591
### If you're reading this, you most likely know what we're talking about.
[DOWNLOAD](https://satoshidisk.com/pay/CNVBUk)
# Vulnerability Scanner
## Description
This script attempts to create a WebSocket connection at a random URI from a pre-authenticated perspective to the FortiOS management interface, and reviews the response to determine if the instance is VULNERABLE.
### Checks the file with ip addresses for vulnerability
## USEAGE
Checks your text document with ip addresses for vulnerabilities
```python check.py --file ips.txt --port 443```

# poc.py
## Description
Use this poc, you can bypass authentication and see system log.
## USAGE

```python3 poc.py [-h] --target TARGET [--port PORT]```
# ADMIN CREATION
## Description
Use this exp, you can Сreates administrator, adding an administrator to a VPN group.
## USEAGE
Set the required IP Address in the code before startup.

![image](https://github.com/user-attachments/assets/896d0c6a-67d2-4234-bf47-5bcc91f8d7f4)

```python3 adadmin.py```

![image](https://github.com/user-attachments/assets/a1978c49-3b08-4be9-aabd-2140b3d19c22)


# CMD
## Description
Use this exp, you can bypass authentication and run cmd.
## USEAGE
```exp.py [-h] --target TARGET [--port PORT] [--username USERNAME] [--cmd CMD]```

## Affected Versions

-FortiOS 7.0.0 through 7.0.16
-FortiProxy 7.0.0 through 7.0.19
-FortiProxy 7.2.0 through 7.2.12
[More details](https://www.fortiguard.com/psirt/FG-IR-24-535)

[DOWNLOAD](https://satoshidisk.com/pay/CNVBUk)
File Snapshot

 [4.0K]  /data/pocs/a2f5ff10c5cd8a24f9e52e8ed8b7acbe14adf8b0
├── [5.5K]  check.py
├── [7.9K]  poc.py
└── [1.5K]  README.md

0 directories, 3 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →