CVE-2023-34985
Published 2023-10-10
Priority: P2 · 65 · high
CVSS 3.1: 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
EPSS: 2.09% (79.2th percentile)
An improper neutralization of special elements used in an OS command ('OS command injection') in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows an attacker to execute unauthorized code or commands via specifically crafted HTTP GET request parameters.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fortinet | fortinet | — | — |
| fortinet | fortiwlm | — | — |
| fortinet | fortiwlm | 8.5.0 – 8.5.4 | — |
| fortinet | fortiwlm | 8.6.0 – 8.6.5 | — |
Detection & IOCs (extracted from sources)
- Vulnerability is triggered via specially crafted HTTP GET request parameters — monitor for anomalous or shell-metacharacter-containing query strings targeting FortiWLM endpoints
- CWE-78 OS Command Injection in Fortinet FortiWLM — inspect HTTP GET parameters for OS command injection patterns (e.g., semicolons, pipes, backticks, $() constructs)
- Affected versions are FortiWLM 8.6.0–8.6.5 and 8.5.0–8.5.4; ensure detection rules are scoped to these version ranges and updated once patched versions are deployed
- This advisory covers a cluster of related CVEs (CVE-2023-34985 through CVE-2023-34989); detections built for this CVE may need to be validated against all five to avoid gaps
Fortinet
FG-IR-23-141 · vendor_fortinet · 2023-10-10 · CVSS 8.8 [HIGH] · CWE-78
CVEs: CVE-2023-34985, CVE-2023-34986, CVE-2023-34987, CVE-2023-34988, CVE-2023-34989
CWEs: CWE-78
CVSS: 8.8 (high)
Affected products: FortiWLM, FortiWlm, Fortinet
GHSA
GHSA-q7gr-xr74-27p6 · ghsa_unreviewed · 2023-10-10 · CVE-2023-34985 [HIGH] · CWE-78
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.