cbcvebase.
CVE-2023-36550
published 2023-10-10

Priority P270 · Critical 9.8 (CVSS 3.1)
CVSS 3.1 vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 2.11% (79.4th percentile)

An improper neutralization of special elements used in an OS command ('OS command injection') in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows an attacker to execute unauthorized code or commands via specifically crafted HTTP GET request parameters.

Affected

4 ranges

Vendor     Product    Version range     Fixed in
fortinet   fortinet   (not specified)   (not specified)
fortinet   fortiwlm   (not specified)   (not specified)
fortinet   fortiwlm   8.5.0 – 8.5.4     (not specified)
fortinet   fortiwlm   8.6.0 – 8.6.5     (not specified)

Detection & IOCs (extracted from sources)

  • The vulnerability is triggered via specially crafted HTTP GET request parameters carrying OS command injection payloads against Fortinet FortiWLM.
  • Affected versions: FortiWLM 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4. Monitor or block HTTP GET requests whose parameters contain shell metacharacters when they target these versions.
  • CVE-2023-36550 is one of several OS command injection CVEs (CVE-2023-34993, CVE-2023-36547, CVE-2023-36548, CVE-2023-36549, CVE-2023-36550) affecting FortiWLM; detections and patches should address the full cluster rather than this one CVE alone.
  • CVSS score is 9.8 (Critical) with CWE-78 (OS Command Injection). Unauthenticated exploitation via HTTP GET is implied, so internet-exposed FortiWLM instances are the highest priority for patching.