CRITICAL🇵🇱 Wersja polska

CVE-2023-34990

CVSS 9.8v3.1pub. 2024-12-18upd. 2025-06-05

A relative path traversal in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute unauthorized code or commands via specially crafted web requests.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Fortinet Fortiwlm

    APP
    Fortinet
    8.5.0 – 8.5.5 (bez)8.6.0 – 8.6.6 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Path Traversal
CWE
References

Related vulnerabilities

CVE-2023-34991CRITICAL9.8ten sam produkt

A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiWLM ve...

CVE-2023-36547CRITICAL9.8ten sam produkt

A improper neutralization of special elements used in an os command ('os command injection') in Fortinet Forti...

CVE-2023-34993CRITICAL9.8ten sam produkt

A improper neutralization of special elements used in an os command ('os command injection') in Fortinet Forti...

CVE-2023-36548CRITICAL9.8ten sam produkt

A improper neutralization of special elements used in an os command ('os command injection') in Fortinet Forti...

CVE-2023-36550CRITICAL9.8ten sam produkt

A improper neutralization of special elements used in an os command ('os command injection') in Fortinet Forti...