Awesome
CVE-2024-21762 Check
Safely detect whether a FortiGate SSL VPN is vulnerable to CVE-2024-21762. For more information, see this Bishop Fox blog post
Usage
python3 check-cve-2024-21762.py <host> <port>
In most cases, the script will either output "Vulnerable" or "Patched". It performs minimal verification that the target is in fact a FortiOS SSL VPN, and in some cases it will print a warning before providing output. If this happens, double check that your target is a FortiOS SSL VPN interface and not a management interface.
# Testing against the SSL-VPN interface
$ python3 check-cve-2024-21762.py 192.168.250.124 12443
Vulnerable
# Testing against the management interface -> bogus results
$ python3 check-cve-2024-21762.py 192.168.250.124 443
[warning] Server does not look like a Fortinet SSL VPN interface
Patched