Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fortinet FortiManager Unauthenticated RCE #11218

Open
1 task done
whereveryouare666 opened this issue Nov 18, 2024 · 7 comments
Open
1 task done

Fortinet FortiManager Unauthenticated RCE #11218

whereveryouare666 opened this issue Nov 18, 2024 · 7 comments
Assignees
@DhiyaneshGeek
Labels
💎 Bounty template-requests Request for new Nuclei templates to be created

Comments

@whereveryouare666
Copy link

Is there an existing template for this?

  • I have searched the existing templates.

Template requests

Anything else?

PoC
https://github.com/watchtowrlabs/Fortijump-Exploit-CVE-2024-47575
@whereveryouare666 whereveryouare666 added the template-requests Request for new Nuclei templates to be created label Nov 18, 2024
@princechaddha
Copy link
Member

/bounty $50

Avoid adding code templates for CVEs that can be achieved using HTTP, TCP, or JavaScript. Such templates are blocked by default and won’t produce results, so we prioritize creating templates with other protocols unless exceptions are made.
You can check the FAQ for the Nuclei Templates Community Rewards Program here.

@algora-pbc Algora PBC
Copy link

algora-pbc bot commented Nov 30, 2024
edited
Loading

💎 $50 bounty • ProjectDiscovery Bounty Available for CVE Template Contribution

Steps to Contribute:

  • Claim attempt: Comment /attempt #11218 on this issue to claim attempt.
  • Write the Template: Create a high-quality Nuclei template for the specified CVE, following our Contribution Guidelines and Acceptance Criteria.
  • Submit the Template: Open a pull request (PR) to projectdiscovery/nuclei-templates and include /claim #11218 in the PR body to claim the bounty.
  • Receive Payment: Upon successful merge of your PR, you will receive 100% of the bounty through Algora.io within 2-5 days. Ensure you are eligible for payouts.

Thank you for contributing to projectdiscovery/nuclei-templates and helping us democratize security!

Acceptance Criteria: The template must include a complete POC and should not rely solely on version-based detection. Contributors are required to provide debug data(-debug) along with the template to help the triage team with validation. Rewards will only be given once the template is fully validated by the team. Templates that are incomplete or invalid will not be accepted. Avoid adding code templates for CVEs that can be achieved using HTTP, TCP, or JavaScript. Such templates are blocked by default and won’t produce results, so we prioritize creating templates with other protocols unless exceptions are made.
You can check the FAQ for the Nuclei Templates Community Rewards Program here.

Add a bountyShare on socials

Attempt Started (GMT+0) Solution
🔴 @gy741 Dec 2, 2024, 3:22:09 AM WIP
🟢 @zelosleone Dec 14, 2024, 11:08:53 AM #11355

@gy741
Copy link
Contributor

gy741 commented Dec 2, 2024
edited by algora-pbc bot
Loading

/attempt #11218

Options

@algora-pbc Algora PBC
Copy link

algora-pbc bot commented Dec 6, 2024

@gy741: Reminder that in 4 days the bounty will become up for grabs, so please submit a pull request before then 🙏

@algora-pbc Algora PBC
Copy link

algora-pbc bot commented Dec 10, 2024

The bounty is up for grabs! Everyone is welcome to /attempt #11218 🙌

@zelosleone
Copy link

zelosleone commented Dec 14, 2024
edited by algora-pbc bot
Loading

/attempt #11218

Options

@zelosleone zelosleone mentioned this issue Dec 14, 2024
Open
1 task
@algora-pbc Algora PBC
Copy link

algora-pbc bot commented Dec 16, 2024

💡 @zelosleone submitted a pull request that claims the bounty. You can visit your bounty board to reward.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@DhiyaneshGeek DhiyaneshGeek

Labels
💎 Bounty template-requests Request for new Nuclei templates to be created
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@princechaddha @DhiyaneshGeek @gy741 @zelosleone @whereveryouare666