CVE-2024-21762
CRITICAL KEV RANSOMWARE
FortiOS/FortiProxy Out-of-bounds Write Vulnerability
Title source: llm
Exploitation Summary
CVE-2024-21762 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added February 9, 2024, with confirmed use in ransomware campaigns. EIP tracks 11 public exploits from researchers including h4x0r-dz, BishopFox, and r4p3c4.
AI-analyzed exploit summary
This repository contains a functional exploit PoC for CVE-2024-21762, an out-of-bounds write vulnerability in Fortinet FortiOS SSL VPN. The exploit leverages a stack-based buffer overflow via crafted HTTP chunked encoding to achieve remote code execution (RCE) through a ROP chain.
Description
An out-of-bounds write in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.17, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows an attacker to execute unauthorized code or commands via specifically crafted requests.
Exploits (11)
This repository contains a functional exploit PoC for CVE-2024-21762, an out-of-bounds write vulnerability in Fortinet FortiOS SSL VPN. The exploit leverages a stack-based buffer overflow via crafted HTTP chunked encoding to achieve remote code execution (RCE) through a ROP chain.
This repository contains a Python script that checks whether a FortiGate SSL VPN is vulnerable to CVE-2024-21762 by sending crafted HTTP requests and analyzing the response. It does not exploit the vulnerability but safely detects its presence.
The repository contains Python scripts that check for the presence of CVE-2024-21762 in Fortinet SSL VPN interfaces by sending crafted HTTP requests and analyzing responses. It does not include exploit code for achieving RCE but detects vulnerability status.
The repository contains a functional Python exploit for CVE-2024-21762, targeting a remote code execution vulnerability in FortiGate. The exploit crafts a malicious HTTP request with a ROP chain and payload to achieve arbitrary code execution.
The repository contains a scanner for CVE-2024-21762, a Fortinet SSL VPN vulnerability, which checks if a target host is vulnerable by sending crafted HTTP requests. It does not include exploit code for achieving RCE but verifies the presence of the vulnerability.
This repository contains a functional proof-of-concept exploit for CVE-2024-21762, targeting a stack-based buffer overflow or command injection vulnerability in FortiOS SSL VPN's /remote/hostcheck_validate endpoint. The exploit includes a reverse shell payload delivery mechanism and a C2 server for post-exploitation command execution.
This repository contains a Python script that scans for CVE-2024-21762 by leveraging the Shodan API to identify FortiGate SSL VPN instances and then checks their vulnerability status via crafted HTTP requests. It does not exploit the vulnerability but detects its presence.
This repository contains a functional exploit for CVE-2024-21762, targeting a Fortinet SSL VPN vulnerability. The exploit sends a crafted POST request to the '/remote/hostcheck_validate' endpoint with a reverse shell payload, demonstrating remote code execution (RCE).
This repository contains a functional exploit for CVE-2024-21762, targeting an out-of-bounds write vulnerability in FortiGate SSL VPN (FortiOS). The exploit includes ROP gadgets, heap spraying techniques, and a reverse shell payload for remote code execution.
This repository contains a functional exploit PoC for CVE-2024-21762, a critical out-of-bounds write vulnerability in Fortinet FortiOS and FortiProxy SSL VPN components. The exploit leverages a crafted HTTP request to trigger a stack-based buffer overflow, leading to remote code execution (RCE) via ROP chain manipulation.
This repository contains a Python script that scans for CVE-2024-21762, a Fortinet SSL VPN vulnerability, by sending crafted HTTP requests and analyzing responses to determine if a target is vulnerable or patched. It does not exploit the vulnerability but detects its presence.
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H