CVE-2024-55591 is a critical security vulnerability identified in Fortinet's FortiOS and FortiProxy software, specifically versions 7.0.0 through 7.0.16 and 7.0.0 through 7.0.19, as well as 7.2.0 through 7.2.12. This vulnerability falls under the category of Authentication Bypass Using an Alternate Path or Channel (CWE-288). It allows remote attackers to bypass standard authentication mechanisms and gain super-admin privileges by sending specially crafted requests to the Node.js websocket module integrated within these systems.
https://securityvulnerability.io/vulner ... 2024-55591