Share
## https://sploitus.com/exploit?id=D170B68D-CF25-5B3A-9D74-09942D9AD605
# CVE-2024-21762 - 0day Exploit
0day for FortiOS 6.0-7.4.2. Based on BishopFox research. [Link](https://bishopfox.com/blog/cve-2024-21762-vulnerability-scanner-for-fortigate-firewalls)

## ๐Ÿ”ฅ **CVSS: 10/10**

## Exploit details
BishopFox recently released a detailed study of one of the new trending FortiOS vulnerabilities, CVE-2024-21762.

CVE-2024-21762 is a forbidden entry in the SSL VPN component of FortiOS. Bishop Fox analyzed the patch and found numerous changes in the handling of HTTP requests that use chunked transfer encoding. In addition to developing a proof of vulnerability, we defined a method to securely test for changes in behavior that indicate the system is using the patched firmware.

It took me a week to make an exploit based on the data provided in the report. 
**And I did it!** I did it by sending an out-of-bound value in the Transfer-Encoding: chunked header. 
Further exploitation led to an HTTP Smuggling vulnerability also known as TE.CL.


## Proof of work:
![cve-2024-21762](https://github.com/c0d3b3af/CVE-2024-21762-Exploit/assets/161638405/c786b35a-a3a9-443b-b562-b5b6b9a70f53)


## Zoomeye dork
```app:Fortinet SSL VPN"```

![image](https://github.com/c0d3b3af/CVE-2024-21762-Exploit/assets/161638405/149dc938-e88c-4ce7-9cd3-fa364ec4a940)

## Vulnerable versions: 
All versions of FortiOS 6.0 - 7.4.2

## Download
This repository contains a short version of my exploit.

I don't plan to post it for free for everyone, as I realize that this could lead to hacks.

If you need this exploit, you can get it from link below (Download).

[Download here](https://t.ly/bxtIK)

## Date of published: 2024/03/07

## Contact
Author: c0d3b3af

For education purposes only.