Fortinet

FortiClient VPN

FortiClient VPN Logging Blind Spot RevealedPentera

CVE-2024-47575 - Fortimanager - Fortijump, Unauthenticated Remote Code Execution

GitHub - watchtowrlabs/Fortijump-Exploit-CVE-2024-47575: Fortinet Fortimanager Unauthenticated Remote Code Execution AKA FortiJump CVE-2024-47575GitHub

CVE-2024-23108: Fortinet FortiSIEM Unauthenticated 2nd Order Command Injection

GitHub - horizon3ai/CVE-2024-23108: CVE-2024-23108: Fortinet FortiSIEM Unauthenticated 2nd Order Command InjectionGitHub

CVE-2024-21762 - FortiGate RCE

GitHub - cleverg0d/CVE-2024-21762-Checker: This script performs vulnerability scanning for CVE-2024-21762, a Fortinet SSL VPN remote code execution vulnerability. It checks whether a given server is vulnerable to this CVE by sending specific requests and analyzing the responses.GitHub

GitHub - d0rb/CVE-2024-21762: The PoC demonstrates the potential for remote code execution by exploiting the identified security flaw.GitHub

Two Bytes is Plenty: FortiGate RCE with CVE-2024-21762

CVE-2023-48788 Fortinet FortiClient EMS SQL Injection Vulnerabilitiy

GitHub - horizon3ai/CVE-2023-48788: Fortinet FortiClient EMS SQL InjectionGitHub

CVE-2023-27997 - FortiGate SSL-VPN

GitHub - BishopFox/CVE-2023-27997-check: Safely detect whether a FortiGate SSL VPN instance is vulnerable to CVE-2023-27997 based on response timingGitHub

CVE-2022-40684 - Fortinet FortiOS, FortiProxy, and FortiSwitchManager

GitHub - horizon3ai/CVE-2022-40684: A proof of concept exploit for CVE-2022-40684 affecting Fortinet FortiOS, FortiProxy, and FortiSwitchManagerGitHub

CVE-2022-39952 - Fortinet FortiNAC

GitHub - horizon3ai/CVE-2022-39952: POC for CVE-2022-39952GitHub

CVE-2021-26088 - Improper Authentication in Fortinet Fortinet Single Sign-On

GitHub - theogobinet/CVE-2021-26088: PoC for CVE-2021-26088 written in PowerShellGitHub

CVE-2018-13379 - FortiGate SSL-VPN

GitHub - anasbousselham/fortiscan: A high performance FortiGate SSL-VPN vulnerability scanning and exploitation tool.GitHub