CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-48782

A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiWLM version 8.6.0 through 8.6.5 allows attacker to execute unauthorized code or commands via specifically crafted http get request parameters

Exploit prediction scoring system (EPSS) score

EPSS Score 0.041

EPSS Ranking 87.9%

CVSS Severity

CVSS v3 Score 8.8

References

https://fortiguard.com/psirt/FG-IR-23-450
https://fortiguard.com/psirt/FG-IR-23-450

Products affected by CVE-2023-48782

Fortinet » Fortiwlm » Version: 8.6.0

cpe:2.3:a:fortinet:fortiwlm:8.6.0
Fortinet » Fortiwlm » Version: 8.6.1

cpe:2.3:a:fortinet:fortiwlm:8.6.1
Fortinet » Fortiwlm » Version: 8.6.2

cpe:2.3:a:fortinet:fortiwlm:8.6.2
Fortinet » Fortiwlm » Version: 8.6.3

cpe:2.3:a:fortinet:fortiwlm:8.6.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-48782

Products

Pricing

Contact Us