Vulnerabilities > Fortinet > Fortiwlm

DATE CVE VULNERABILITY TITLE RISK
2023-12-13 CVE-2023-48782 OS Command Injection vulnerability in Fortinet Fortiwlm
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiWLM version 8.6.0 through 8.6.5 allows attacker to execute unauthorized code or commands via specifically crafted http get request parameters
network
low complexity
fortinet CWE-78
8.8
2023-11-14 CVE-2023-34991 SQL Injection vulnerability in Fortinet Fortiwlm
A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 and 8.4.0 through 8.4.2 and 8.3.0 through 8.3.2 and 8.2.2 allows attacker to execute unauthorized code or commands via a crafted http request.
network
low complexity
fortinet CWE-89
critical
9.8
2023-11-14 CVE-2023-42783 Relative Path Traversal vulnerability in Fortinet Fortiwlm
A relative path traversal in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 and 8.4.2 through 8.4.0 and 8.3.2 through 8.3.0 and 8.2.2 allows attacker to read arbitrary files via crafted http requests.
network
low complexity
fortinet CWE-23
7.5
2023-10-10 CVE-2023-34985 OS Command Injection vulnerability in Fortinet Fortiwlm
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute unauthorized code or commands via specifically crafted HTTP get request parameters.
network
low complexity
fortinet CWE-78
8.8
2023-10-10 CVE-2023-34986 OS Command Injection vulnerability in Fortinet Fortiwlm
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute unauthorized code or commands via specifically crafted HTTP get request parameters.
network
low complexity
fortinet CWE-78
8.8
2023-10-10 CVE-2023-34987 OS Command Injection vulnerability in Fortinet Fortiwlm
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute unauthorized code or commands via specifically crafted HTTP get request parameters.
network
low complexity
fortinet CWE-78
8.8
2023-10-10 CVE-2023-34988 OS Command Injection vulnerability in Fortinet Fortiwlm
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute unauthorized code or commands via specifically crafted HTTP get request parameters.
network
low complexity
fortinet CWE-78
8.8
2023-10-10 CVE-2023-34989 OS Command Injection vulnerability in Fortinet Fortiwlm
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute unauthorized code or commands via specifically crafted HTTP get request parameters.
network
low complexity
fortinet CWE-78
8.8
2023-10-10 CVE-2023-34993 OS Command Injection vulnerability in Fortinet Fortiwlm
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute unauthorized code or commands via specifically crafted http get request parameters.
network
low complexity
fortinet CWE-78
critical
9.8
2023-10-10 CVE-2023-36547 OS Command Injection vulnerability in Fortinet Fortiwlm
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute unauthorized code or commands via specifically crafted http get request parameters.
network
low complexity
fortinet CWE-78
critical
9.8