Exploit for Out-of-bounds Write in Fortinet Fortiproxy CVE-2024-21762

Name: Exploit for Out-of-bounds Write in Fortinet Fortiproxy CVE-2024-21762
Rating: 5 (205 reviews)

2024-02-28 | CVSS 9.8

## https://sploitus.com/exploit?id=D3DA00D0-CA5E-5049-AE6E-8470B868FB22
# CVE-2024-21762 Check
Safely detect whether a FortiGate SSL VPN is vulnerable to CVE-2024-21762. For more information, see [this Bishop Fox blog post](https://bishopfox.com/blog/cve-2024-21762-vulnerability-scanner-for-fortigate-firewalls)

## Usage
```
python3 check-cve-2024-21762.py <host> <port>
```

In most cases, the script will either output "Vulnerable" or "Patched". It performs minimal verification that the target is in fact a FortiOS SSL VPN, and in some cases it will print a warning before providing output. If this happens, double check that your target is a FortiOS SSL VPN interface and not a management interface.
```
# Testing against the SSL-VPN interface
$ python3 check-cve-2024-21762.py 192.168.250.124 12443
Vulnerable

# Testing against the management interface -> bogus results
$ python3 check-cve-2024-21762.py 192.168.250.124 443
[warning] Server does not look like a Fortinet SSL VPN interface
Patched
```