Added: 03/18/2024
Fortinet Wireless Manager (FortiWLM) allows you to manage wireless networks on FortiGates.
A command injection vulnerability allows unauthenticated attackers to execute arbitrary commands by calling the deleteprogressfile
function with a specially crafted progressfile
parameter.
Upgrade to FortiWLM 8.5.5 or 8.6.6 or higher.
<https://www.fortiguard.com/psirt/FG-IR-23-140>
<https://www.horizon3.ai/attack-research/attack-blogs/fortiwlm-the-almost-story-for-the-forti-forty/>
FortiWLM