Exploit for Out-of-bounds Write in Fortinet Fortiproxy exploit
An exploit for a vulnerability in Fortinet Fortiproxy, identified as CVE-2024-21762, has been developed based on research by BishopFox. This vulnerability, which has a CVSS score of 7.5, exists within the SSL VPN component of FortiOS versions 6.0 to 7.4.2. The exploit operates by sending an out-of-bounds value in the 'Transfer-Encoding: chunked' header, leading to an HTTP Smuggling vulnerability, also known as TE.CL. The proof of concept and details of the exploit are available, but the author has decided not to release the full exploit publicly to prevent potential misuse. The exploit is available for download from a provided link for those who need it, and the author specifies that it is intended for educational purposes only. CVEs: CVE-2024-21762 [View Article](https://sploitus.com/exploit?id=D170B68D-CF25-5B3A-9D74-09942D9AD605)