CVE-2023-34987
published 2023-10-10

Priority: P2 (65) · Severity: high
CVSS 3.1: 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
EPSS: 2.09% (79.2 percentile)
An improper neutralization of special elements used in an OS command ('OS command injection', CWE-78) in Fortinet FortiWLM versions 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows an attacker to execute unauthorized code or commands via specifically crafted HTTP GET request parameters.

Affected

4 ranges

Vendor     Product    Version range    Fixed in
fortinet   fortinet   (not listed)     (not listed)
fortinet   fortiwlm   (not listed)     (not listed)
fortinet   fortiwlm   8.5.0 – 8.5.4    (not listed)
fortinet   fortiwlm   8.6.0 – 8.6.5    (not listed)

Detection & IOCs (extracted from sources)

  • The vulnerability is triggered via specially crafted HTTP GET request parameters; monitor for anomalous GET parameters, in particular values containing shell metacharacters, directed at FortiWLM endpoints.
  • CWE-78 OS command injection in Fortinet FortiWLM: focus detection on HTTP GET requests to the FortiWLM management interface whose parameter values carry OS command injection payloads (e.g., semicolons, pipes, backticks, $() or ${} sequences), checked after URL decoding so that percent-encoded payloads are not missed.
  • Affected versions are FortiWLM 8.6.0–8.6.5 and 8.5.0–8.5.4; prioritize detection and patching on these version ranges.
  • This CVE is part of a cluster of related FortiWLM OS command injection vulnerabilities (CVE-2023-34985 through CVE-2023-34989); detections and patches should address all five CVEs together under advisory FG-IR-23-141.
  • The CVSS 3.1 score is 8.8 (High) with vector AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H: network-reachable, low attack complexity, low privileges required, no user interaction, and full confidentiality, integrity and availability impact. PR:L means the crafted requests arrive over an authenticated session, so a compromised or weak FortiWLM account is enough; treat exposure of the FortiWLM management interface to untrusted networks as critical risk.
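The following is an added example, not part of the original page and not Fortinet's or any vendor's detection rule. It implements the two checks the bullets above describe: flagging GET requests whose URL-decoded query parameter values contain shell metacharacters, and testing a FortiWLM version string against the two affected ranges. The log lines are constructed, and the request paths (/wlm/report.cgi, /wlm/index.html) are placeholders, not actual FortiWLM endpoints; the metacharacter set is an assumption to be tuned against your own traffic.

```python
import re
from urllib.parse import unquote, urlsplit

# Shell constructs that should not appear in a management-interface GET
# parameter value: command separators, pipes, backticks, $() / ${}, newlines.
# This set is an assumption; extend or trim it for your environment.
_INJECTION_PATTERN = re.compile(r"(;|\|{1,2}|&&|`|\$\(|\$\{|\r|\n)")

# Affected ranges as stated on this page (inclusive).
AFFECTED_RANGES = (
    ((8, 5, 0), (8, 5, 4)),
    ((8, 6, 0), (8, 6, 5)),
)

# Combined-log request line: "GET /path?query HTTP/1.1"
_REQUEST_LINE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')

# Constructed sample log lines; paths are illustrative placeholders.
SAMPLE_LOG = [
    '10.0.0.5 - - [10/Oct/2023:12:00:01 +0000] "GET /wlm/index.html?page=dashboard HTTP/1.1" 200 512',
    '10.0.0.9 - - [10/Oct/2023:12:00:02 +0000] "GET /wlm/report.cgi?name=foo;id HTTP/1.1" 200 77',
    '10.0.0.9 - - [10/Oct/2023:12:00:03 +0000] "GET /wlm/report.cgi?name=foo%24%28id%29 HTTP/1.1" 200 77',
    '10.0.0.9 - - [10/Oct/2023:12:00:04 +0000] "POST /wlm/login HTTP/1.1" 302 0',
    '10.0.0.9 - - [10/Oct/2023:12:00:05 +0000] "GET /wlm/report.cgi?name=foo%257Cwhoami HTTP/1.1" 200 77',
]


def parse_version(version):
    """'8.6.5' -> (8, 6, 5); comparable tuple for range checks."""
    return tuple(int(part) for part in version.strip().split("."))


def is_affected_version(version):
    """True if the FortiWLM version falls inside 8.5.0-8.5.4 or 8.6.0-8.6.5."""
    ver = parse_version(version)
    return any(low <= ver <= high for low, high in AFFECTED_RANGES)


def suspicious_params(target):
    """Return (name, decoded value) pairs whose value contains shell metacharacters.

    The query is split on '&' by hand rather than with parse_qsl, so that a
    literal ';' in a value is inspected instead of being treated as a separator
    by older Python versions. Values are URL-decoded twice so that
    double-encoded payloads (%2524 -> %24 -> $) are still caught.
    """
    query = urlsplit(target).query
    hits = []
    for pair in query.split("&"):
        if not pair:
            continue
        name, _, value = pair.partition("=")
        decoded = unquote(unquote(value))
        if _INJECTION_PATTERN.search(decoded):
            hits.append((unquote(name), decoded))
    return hits


def scan_log(lines):
    """Return [(line_no, request target, hits)] for GET requests with suspicious values."""
    findings = []
    for line_no, line in enumerate(lines, 1):
        match = _REQUEST_LINE.search(line)
        if not match or match.group("method") != "GET":
            continue
        hits = suspicious_params(match.group("target"))
        if hits:
            findings.append((line_no, match.group("target"), hits))
    return findings


if __name__ == "__main__":
    for line_no, target, hits in scan_log(SAMPLE_LOG):
        print(f"line {line_no}: {target} -> {hits}")
    for v in ("8.5.4", "8.6.5", "8.6.6"):
        print(v, "affected" if is_affected_version(v) else "not affected")
```

Two points to keep in mind when running this against real data: the access log must retain the full query string (some reverse-proxy and syslog configurations truncate it), and because the vulnerability requires low privileges (PR:L), a hit is most meaningful when correlated with the authenticated account and source address on the same session, which is where triage should start.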