Fortinet SSL VPN Out-of-bounds Write Vulnerability Check (CVE-2024-21762) #9347
Comments
Thanks so much for your contribution, @NitescuLucian!
@NitescuLucian In your targets list, is the vuln IP with https or without https?
root@tc:~/.cache# cat test.txt | ./nuclei -t cve-2024-21762-check.yaml -code
[INF] Supplied input was automatically deduplicated (1301 removed).
Thank you.
@sec13b only with https as per Forti SSL VPN. I do not think there is an option to be http.
@NitescuLucian thanks for sharing. Is this template working in the latest version of Nuclei? I also received the error '[FTL] Could not run nuclei: no templates provided for scan' on an HTTPS URL.
Here is the documentation: https://docs.projectdiscovery.io/templates/reference/template-signing Also use
No, I didn't -sign (solved).
digest:490a0046304402206a39800bff0d9ca85a05e3686a0e246f8d5504a38e8501a1d7e8684ae6f2853002205ba7c74bb1f99cacf693e8a5a1cd429dcd7e52fab188beb8c95b934e4aabcd57:922c64590222798bb761d5b6d8e72950
I ask if in targets.txt the list have example:
cat targets.txt | httpx -random-agent -nf -rl 5000 -t 1000 -p 123 -stats -silent | nuclei -t ....
./nuclei -l targets.txt -t template.yaml -code -o vuln.txt -stats
/nuclei -u x -t fortinet.yaml -code
[WRN] Found 1 templates loaded with deprecated protocol syntax, update before v3 for continued support.
No work why
You have to remove the digest line, then it will allow you to sign the template. Thanks guys.
Whoever has macOS, be careful!!! After running "brew install nuclei" on my macOS, a trojan "https://github.com/vonahisec/CVE-2022-47966-Scan" was detected by my antivirus.
Template Information:
An out-of-bounds write in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.17, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows an attacker to execute unauthorized code or commands via specifically crafted requests.
Nuclei Template:
How to run it:
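Added example, not part of the original issue or the submitted template: a defender-side triage helper that checks inventory versions against the affected ranges quoted under "Template Information" above. The function names, the inventory layout and the sample hosts are assumptions made for illustration; the ranges are copied from the description on this page.

```python
import re

# Affected ranges (inclusive), copied from the CVE-2024-21762 description in this issue.
AFFECTED = {
    "fortios": [("7.4.0", "7.4.2"), ("7.2.0", "7.2.6"), ("7.0.0", "7.0.13"),
                ("6.4.0", "6.4.14"), ("6.2.0", "6.2.15"), ("6.0.0", "6.0.17")],
    "fortiproxy": [("7.4.0", "7.4.2"), ("7.2.0", "7.2.8"), ("7.0.0", "7.0.14"),
                   ("2.0.0", "2.0.13"), ("1.2.0", "1.2.13"), ("1.1.0", "1.1.6"),
                   ("1.0.0", "1.0.7")],
}

def parse_version(text):
    """Return (major, minor, patch) as ints from strings like 'v7.2.6,build1575'."""
    m = re.match(r"\s*v?(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"unrecognised version: {text!r}")
    return tuple(int(p) for p in m.groups())

def is_affected(product, version):
    """True if the version falls inside a range the description lists for the product."""
    ranges = AFFECTED.get(product.strip().lower())
    if ranges is None:
        raise ValueError(f"unknown product: {product!r}")
    v = parse_version(version)
    # Integer tuples compare numerically, so 7.0.13 sorts after 7.0.9.
    return any(parse_version(lo) <= v <= parse_version(hi) for lo, hi in ranges)

def triage(inventory):
    """Map each (host, product, version) row to 'affected', 'not listed' or 'unparsed'."""
    result = {}
    for host, product, version in inventory:
        try:
            result[host] = "affected" if is_affected(product, version) else "not listed"
        except ValueError:
            result[host] = "unparsed"  # flag for manual review rather than guessing
    return result

# Constructed sample inventory (hostnames and version strings are made up).
SAMPLE = [
    ("fw-edge-01", "FortiOS", "v7.2.6,build1575"),
    ("fw-edge-02", "FortiOS", "7.2.7"),
    ("fw-lab-03", "FortiOS", "7.0.13"),
    ("proxy-01", "FortiProxy", "7.0.14"),
    ("proxy-02", "FortiProxy", "7.0.15"),
    ("fw-old-04", "FortiOS", "6.0"),
]

if __name__ == "__main__":
    for host, status in triage(SAMPLE).items():
        print(f"{host}: {status}")
```

"not listed" only means the version is outside the ranges quoted on this page; rows marked "unparsed" need a manual look.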