{"uuid": "8450e04c-f129-47da-8f04-a6431462c445", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-23113", "type": "published-proof-of-concept", "source": "https://t.me/suboxone_chatroom/2609", "content": "\ud83d\udea8 Fortinet FortiManager Unauthenticated RCE (CVE-2024-47575)\n\nThe remote code execution vulnerability in FortiManager allows attackers to perform arbitrary operations by exploiting commands via the FGFM protocol, circumventing authentication. Referred to as FortiJump, this vulnerability provides unauthorized access to FortiManager, enabling control over FortiGate devices by taking advantage of insufficient security in command handling and device registration processes. \n\n\ud83d\udee0 Affected Versions:\nFortiManager 7.6.0\nFortiManager 7.4.0 through 7.4.4\nFortiManager 7.2.0 through 7.2.7\nFortiManager 7.0.0 through 7.0.12\nFortiManager 6.4.0 through 6.4.14\nFortiManager 6.2.0 through 6.2.12\nFortiManager Cloud 7.4.1 through 7.4.4\nFortiManager Cloud 7.2.1 through 7.2.7\nFortiManager Cloud 7.0.1 through 7.0.12\nFortiManager Cloud 6.4\n\n\ud83d\udd17 Research: \nhttps://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/\n\n\ud83d\udd17 Source: \nhttps://github.com/watchtowrlabs/Fortijump-Exploit-CVE-2024-47575\n\n#fortinet #fortimanager #fgfm #unauth #rce", "creation_timestamp": "2025-02-15T16:51:49.000000Z"}