ET WEB_SPECIFIC_APPS Fortigate FortiOS Invalid HTTP Chunk Length (CVE-2024-21762) Vulnerability Scan Attempt

SID: 2051765Rev: 144 viewsHistory

Sourceet/open

CreatedMarch 22, 2024

UpdatedMarch 22, 2024

Classificationtrojan-activity

alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_SPECIFIC_APPS Fortigate FortiOS Invalid HTTP Chunk Length (CVE-2024-21762) Vulnerability Scan Attempt"; flow:established,to_server; content:"|0d 0a 0d 0a|0000000000000000FF|0d 0a 0d 0a|"; fast_pattern; http.method; content:"POST"; http.uri; content:"/remote/"; http.header; content:"Transfer-Encoding|3a 20|chunked"; reference:url,github.com/BishopFox/cve-2024-21762-check; reference:cve,2024-21762; classtype:trojan-activity; sid:2051765; rev:1; metadata:affected_product Fortigate, attack_target Networking_Equipment, tls_state TLSDecrypt, created_at 2024_03_22, cve CVE_2024_21762, deployment Perimeter, deployment SSLDecrypt, performance_impact Low, confidence High, signature_severity Major, tag CISA_KEV, updated_at 2024_03_22, reviewed_at 2024_10_03; target:dest_ip;)

References

url	github.com/BishopFox/cve-2024-21762-check
cve	2024-21762

Metadata

affected productFortigate

attack targetNetworking_Equipment

tls stateTLSDecrypt

created at2024_03_22

cveCVE-2024-21762

deploymentSSLDecrypt

performance impactLow

confidenceHigh

signature severityMajor

tagCISA_KEV

updated at2024_03_22

reviewed at2024_10_03

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!