Fortinet Vulnerabilities Let Attackers Execute Arbitrary Code Remotely

Fortinet, a leading cybersecurity solutions provider, has issued urgent advisories regarding two critical vulnerabilities affecting its FortiWLM and FortiManager products.

These flaws could enable attackers to execute unauthorized code or commands remotely, posing significant risks to enterprise networks.

FortiWLM Vulnerability (CVE-2023-34990):

A critical security flaw, identified as CVE-2023-34990, has been discovered in Fortinet’s FortiWLM, a wireless LAN management solution.

Free Webinar on Best Practices for API vulnerability & Penetration Testing:  Free Registration

With a CVSS score of 9.6, this vulnerability stems from a relative path traversal issue (CWE-23) that allows unauthenticated attackers to read sensitive files. The affected versions include:

  • FortiWLM 8.6: 8.6.0 through 8.6.5
  • FortiWLM 8.5: 8.5.0 through 8.5.4

Fortinet has released updates to address this issue, urging users to upgrade to FortiWLM 8.6.6 or above for version 8.6 and 8.5.5 or above for version 8.5.

Security researcher Zach Hanley of Horizon3.ai identified that the vulnerability stems from improper validation of the imagename parameter in the /ems/cgi-bin/ezrf_lighttpd.cgi endpoint.

This flaw enables attackers to construct requests with path traversal sequences to access files outside the intended directory

FortiManager Vulnerability (CVE-2024-48889):

Another critical vulnerability, tracked as CVE-2024-48889, affects Fortinet’s FortiManager, a centralized security management platform.

This flaw, with a CVSS score of 7.2, arises from improper neutralization of special elements in OS commands (CWE-78), potentially allowing authenticated attackers to execute arbitrary code remotely. The affected versions include:

  • FortiManager 7.6: 7.6.0
  • FortiManager 7.4: 7.4.0 through 7.4.4
  • FortiManager 7.4 Cloud: 7.4.1 through 7.4.4
  • FortiManager 7.2: 7.2.3 through 7.2.7
  • FortiManager 7.2 Cloud: 7.2.1 through 7.2.7
  • FortiManager 7.0: 7.0.5 through 7.0.12
  • FortiManager 7.0 Cloud: 7.0.1 through 7.0.12
  • FortiManager 6.4: 6.4.10 through 6.4.14

Additionally, older FortiAnalyzer models with the `fmg-status` feature enabled are also impacted. Fortinet has provided updates for these versions, recommending users upgrade to the latest versions to mitigate the risk.

Organizations and individuals relying on Fortinet products are strongly advised to apply the necessary updates immediately to protect their systems and data from potential attacks.

Fortinet’s advisories provide detailed information on affected versions, remediation steps, and workarounds. Users should consult these resources and take appropriate action to secure their environments.

The discovery of these critical vulnerabilities underscores the importance of timely patching and vigilant cybersecurity practices.

Fortinet’s proactive approach to addressing these issues highlights the ongoing battle against cyber threats and the need for continuous security updates in enterprise environments.

Investigate Real-World Malicious Links, Malware & Phishing Attacks With ANY.RUN – Try for Free

Guru Baran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.