Lucene search
K

The vulnerability of the imagename handler in the CGI script /ems/cgi-bin/ezrf-lighttpd.cgi of the graphical interface for managing WLAN access points and LAN switches in Fortinet FortiWLM allows a attacker to execute arbitrary code.

🗓️ 20 Dec 2024 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType 
bdu_fstec
 bdu_fstec
🔗 bdu.fstec.ru👁 6 Views

Remote code execution via imagename handler in ezrf-lighttpd.cgi on FortiWLM due to path restriction.

Related
Detection
Refs
ReporterTitlePublishedViews
Family
Circl
CVE-2023-34990
18 Dec 202412:48
circl
CNNVD
Fortinet FortiWLM 代码注入漏洞
18 Dec 202400:00
cnnvd
CNVD
Fortinet FortiWLM Path Traversal Vulnerability (CNVD-2024-4963848)
25 Dec 202400:00
cnvd
CVE
CVE-2023-34990
18 Dec 202412:44
cve
Cvelist
CVE-2023-34990
18 Dec 202412:44
cvelist
NCSC
Vulnerability fixed in Fortinet FortiWLM
19 Dec 202414:53
ncsc
Nuclei
FortiWLM - Directory Traversal
2 Jul 202609:36
nuclei
NVD
CVE-2023-34990
18 Dec 202413:15
nvd
OSV
CVE-2023-34990
18 Dec 202413:15
osv
Positive Technologies
PT-2024-9675
18 Dec 202400:00
ptsecurity
Rows per page
Vulners
Node
fortinetfortiwlmRange8.6.08.6.6
OR
fortinetfortiwlmRange8.5.08.5.5

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

20 Dec 2024 00:00Current
8.5High risk
Vulners AI Score8.5
CVSS 39.8
CVSS 210
EPSS0.24901
6