Vulnerabilities in Fortinet Allow Remote Execution of Malicious Code

Fortinet, a leader in cybersecurity solutions, has reported two critical vulnerabilities affecting its FortiWLM and FortiManager products. These vulnerabilities could allow attackers to remotely execute unauthorized malicious code, posing a significant threat to corporate networks.

Vulnerability in FortiWLM (Wireless LAN Management)

A critical vulnerability, identified as CVE-2023-34990, has been discovered in Fortinet’s FortiWLM product. This vulnerability has a CVSS score of 9.6, highlighting its extreme severity. The issue arises from improper handling of file paths (CWE-23), enabling unauthenticated attackers to access sensitive files.

Affected Versions:

  • FortiWLM 8.6: versions 8.6.0 to 8.6.5
  • FortiWLM 8.5: versions 8.5.0 to 8.5.4

Fortinet Recommendation: Users are advised to upgrade to version 8.6.6 or higher for FortiWLM 8.6 and to version 8.5.5 or higher for FortiWLM 8.5.

Cause of Vulnerability: The issue stems from improper validation of the imagename parameter in the /ems/cgi-bin/ezrf_lighttpd.cgi path. This allows attackers to use specially crafted requests to access files outside the permitted directory.

Vulnerability in FortiManager

Another vulnerability, identified as CVE-2024-48889, has been found in the FortiManager platform. This vulnerability has a CVSS score of 7.2 and is caused by an error in the secure processing of operating system commands (CWE-78). It allows authenticated attackers to remotely execute arbitrary code.

Affected Versions:

  • FortiManager 7.6: 7.6.0
  • FortiManager 7.4: versions 7.4.0 to 7.4.4
  • FortiManager 7.4 Cloud: versions 7.4.1 to 7.4.4
  • FortiManager 7.2: versions 7.2.3 to 7.2.7
  • FortiManager 7.2 Cloud: versions 7.2.1 to 7.2.7
  • FortiManager 7.0: versions 7.0.5 to 7.0.12
  • FortiManager 7.0 Cloud: versions 7.0.1 to 7.0.12
  • FortiManager 6.4: versions 6.4.10 to 6.4.14

Additional Information: Older models of FortiAnalyzer with the fmg-status feature enabled are also affected.

Fortinet Recommendation: Users should update all impacted versions to the latest available patches.

The discovery of these vulnerabilities once again emphasizes the importance of timely updates to ensure the security of systems and networks. Fortinet has released the necessary updates for its products. The company strongly advises users to install these updates as soon as possible to protect their systems.

For more detailed information on these vulnerabilities and mitigation measures, users are encouraged to review Fortinet’s official advisories.

Skip to content