CVE-2023-34990

CRITICAL NUCLEI

Fortinet Fortiwlm < 8.5.5 - Code Injection

Title source: rule

Description

A relative path traversal in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute unauthorized code or commands via specially crafted web requests.

Nuclei Templates (1)

FortiWLM - Directory Traversal

CRITICALby DhiyaneshDk

Shodan: title:"FortiWLM Login"

References (1)

[Vendor Advisory] https://fortiguard.com/psirt/FG-IR-23-144

Scores

CVSS v3 9.8

EPSS 0.6633

EPSS Percentile 98.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-94 CWE-23

Status published

Products (1)

fortinet/fortiwlm 8.5.0 - 8.5.5

Published Dec 18, 2024

Tracked Since Feb 18, 2026