CVE-2024-55591: Follow up: Authentication Bypass Vulnerability in Fortinet FortiOS and FortiProxy
On January 14, 2025, Fortinet published a security advisory for CVE-2024-55591, an authentication bypass using an alternate path or channel vulnerability in FortiOS and FortiProxy. A remote threat actor can craft requests to the Node.js websocket module to gain super-admin privileges.