Horizon3.ai this morning published “Fortinet FortiWLM Deep-Dive, IOCs, and the Almost Story of the “Forti Forty” disclosing several vulnerabilities effecting the #Fortinet #FortiWLM (Wireless LAN Manager). The vulnerabilities span from command injection, SQL injection, to file reads. While most were patched late last year, 2 remained unpatched as of March 13, 2024, after 307 days from Horizon3.ai’s initial report.
This blog details several of the issues discovered in the FortiWLM that have since been patched:
- CVE-2023-34993 – Multiple Unauthenticated Command Injections – PSIRT-23-140
- CVE-2023-34991 – Unauthenticated SQL Injection – PSIRT-23-142
- CVE-2023-42783 – Unauthenticated Arbitrary File Read – PSIRT-23-143
- CVE-2023-48782 – Authenticated Command Injection – PSIRT-23-450
Additionally two vulnerabilities that have not received patches leading to appliance compromise:
- Unauthenticated Limited Log File Read – Allows retrieval of arbitrary log files which contain administrator session ID tokens
- Static Session ID Vulnerability – Session IDs do not change between sessions for users. Chained with the above issue allows trivial compromise of the device.
This morning’s blog post includes paths to remote code execution and indicators of compromise.
Like this:
Like Loading...
Related
This entry was posted on March 14, 2024 at 2:24 pm and is filed under Commentary with tags horizon3.ai. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Multiple Fortinet FortiWLM Vulnerablities, Indicators Of Compromise Documented By Horizon3.ai
Horizon3.ai this morning published “Fortinet FortiWLM Deep-Dive, IOCs, and the Almost Story of the “Forti Forty” disclosing several vulnerabilities effecting the #Fortinet #FortiWLM (Wireless LAN Manager). The vulnerabilities span from command injection, SQL injection, to file reads. While most were patched late last year, 2 remained unpatched as of March 13, 2024, after 307 days from Horizon3.ai’s initial report.
This blog details several of the issues discovered in the FortiWLM that have since been patched:
Additionally two vulnerabilities that have not received patches leading to appliance compromise:
This morning’s blog post includes paths to remote code execution and indicators of compromise.
Share this:
Like this:
Related
This entry was posted on March 14, 2024 at 2:24 pm and is filed under Commentary with tags horizon3.ai. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.