/cve-2024-21762-check

Safely detect whether a FortiGate SSL VPN is vulnerable to CVE-2024-21762

Primary LanguagePythonGNU General Public License v3.0GPL-3.0

CVE-2024-21762 Check

Safely detect whether a FortiGate SSL VPN is vulnerable to CVE-2024-21762. For more information, see this Bishop Fox blog post

Usage

python3 check-cve-2024-21762.py <host> <port>

In most cases, the script will either output "Vulnerable" or "Patched". It performs minimal verification that the target is in fact a FortiOS SSL VPN, and in some cases it will print a warning before providing output. If this happens, double check that your target is a FortiOS SSL VPN interface and not a management interface.

# Testing against the SSL-VPN interface
$ python3 check-cve-2024-21762.py 192.168.250.124 12443
Vulnerable

# Testing against the management interface -> bogus results
$ python3 check-cve-2024-21762.py 192.168.250.124 443
[warning] Server does not look like a Fortinet SSL VPN interface
Patched