CVE-2024-23666

HIGH

Fortinet FortiAnalyzer-BigData <7.4.1 - Info Disclosure

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-23666. PoCs published by synacktiv.

AI-analyzed exploit summary This repository contains functional exploit code for CVE-2023-42791 and CVE-2024-23666, targeting FortiManager. The exploits include RCE via file upload and SSH access to managed FortiGate devices, leveraging insufficient authorization checks and unrestricted file upload vulnerabilities.

Description

A client-side enforcement of server-side security in Fortinet FortiAnalyzer-BigData at least version 7.4.0 and 7.2.0 through 7.2.6 and 7.0.1 through 7.0.6 and 6.4.5 through 6.4.7 and 6.2.5, FortiManager version 7.4.0 through 7.4.1 and 7.2.0 through 7.2.4 and 7.0.0 through 7.0.11 and 6.4.0 through 6.4.14, FortiAnalyzer version 7.4.0 through 7.4.1 and 7.2.0 through 7.2.4 and 7.0.0 through 7.0.11 and 6.4.0 through 6.4.14 allows attacker to improper access control via crafted requests.

Exploits (1)

nomisec WORKING POC 6 stars

by synacktiv · poc

https://github.com/synacktiv/CVE-2023-42791_CVE-2024-23666

View Code ZIP pw:eip

This repository contains functional exploit code for CVE-2023-42791 and CVE-2024-23666, targeting FortiManager. The exploits include RCE via file upload and SSH access to managed FortiGate devices, leveraging insufficient authorization checks and unrestricted file upload vulnerabilities.

Classification

Working Poc 100%

Attack Type

Rce | Auth Bypass

Complexity

Moderate

Reliability

Reliable

Target: FortiManager (versions ≤ 7.4.0, ≤ 7.2.3, ≤ 7.0.8, ≤ 6.4.12, ≤ 6.2.11)

Auth required

Prerequisites: Valid credentials for FortiManager · Network access to the target · Compiled malicious library for RCE

MITRE ATT&CK

T1059 - Command and Scripting Interpreter T1190 - Exploit Public-Facing Application T1505.003 - Web Shell

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (1)

Core 1

Core References

Vendor Advisory

https://fortiguard.fortinet.com/psirt/FG-IR-23-396

Scores

CVSS v3 7.5

EPSS 0.0274

EPSS Percentile 84.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-602

Status published

Products (4)

fortinet/fortianalyzer 6.4.0 - 6.4.15

fortinet/fortianalyzer_big_data 7.4.0

fortinet/fortianalyzer_big_data 6.2.1 - 7.2.7

fortinet/fortimanager 6.4.0 - 6.4.15

Published Nov 12, 2024

Tracked Since Feb 18, 2026