3 matches found
CVE-2023-34993
A improper neutralization of special elements used in an os command 'os command injection' in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute unauthorized code or commands via specifically crafted http get request parameters...
CVE-2023-34993
creationtimestamp| type| source ---|---|--- 2023-10-10 20:16:45+00:00| seen| https://t.me/cibsecurity/71964 2024-11-04 00:00:00+00:00| seen| The Shadowserver honeypot/common-vulnerabilities - 2024-11-04 2024-11-05 00:00:00+00:00| seen| The Shadowserver honeypot/common-vulnerabilities - 2024-11-05...
CVE-2023-34993
Fortinet FortiWLM is affected by an OS command injection in FortiWLM 8.6.0–8.6.5 and 8.5.0–8.5.4 due to improper neutralization of command elements. An unauthenticated attacker can remotely execute arbitrary commands by crafting specific HTTP GET parameters, potentially bypassing authentication a...