Here are sources for your Fortinet CVE-2024-34990 (CVSSv3.1: **9.8 critical**): <li><a href="https://www.fortiguard.com/psirt/FG-IR-23-144"; target="_blank" rel="nofollow noopener noreferrer" translate="no"><span class="invisible">https://www.</span><span class="ellipsis">fortiguard.com/psirt/FG-IR-23-</span><span class="invisible">144</span></a> (error loading)</li><li><a href="https://nvd.nist.gov/vuln/detail/CVE-2023-34990"; target="_blank" rel="nofollow noopener noreferrer" translate="no"><span class="invisible">https://</span><span class="ellipsis">nvd.nist.gov/vuln/detail/CVE-2</span><span class="invisible">023-34990</span></a></li>
> A relative path traversal in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute unauthorized code or commands via specially crafted web requests.
Note: FortiGuard PSIRT has a tendency to only list the temporal CVSS score 9.6 (lower score) to downplay the severity of its original base score.
Not Simon 🐐
npub14g…xznd6
2024-12-18 17:03:05 UTC
in reply to nevent1q…l6v0
Author Public Key
npub14g0mj0fmn0sepfuhp2wupyk7d8xyz7rezpmrx2gfsav9vxlwxypq4xznd6Seen on
wss://relay.momostr.pinkPublished at
2024-12-18 17:03:05 UTCEvent JSON
{
"id": "e93499afe3a3d481b7e0682159e627459aa16f3b7eb0c40f7907fd37995a0d94",
"pubkey": "aa1fb93d3b9be190a7970a9dc092de69cc41787910763329098758561bee3102",
"created_at": 1734541385,
"kind": 1,
"tags": [
[
"p",
"62cd3965218d8aff0b8ceab93c066b05a07eefe2505c6f8426a2e6973184d985"
],
[
"e",
"91bdd105f494fccbf84348080a24b7725dc33fc9c34f293cb86e916633bf9655",
"",
"root",
"62cd3965218d8aff0b8ceab93c066b05a07eefe2505c6f8426a2e6973184d985"
],
[
"proxy",
"https://infosec.exchange/@screaminggoat/113674904259060282",
"web"
],
[
"proxy",
"https://infosec.exchange/users/screaminggoat/statuses/113674904259060282",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://infosec.exchange/users/screaminggoat/statuses/113674904259060282",
"pink.momostr"
],
[
"-"
]
],
"content": "Here are sources for your Fortinet CVE-2024-34990 (CVSSv3.1: **9.8 critical**): \u003cli\u003e\u003ca href=\"https://www.fortiguard.com/psirt/FG-IR-23-144\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" translate=\"no\"\u003e\u003cspan class=\"invisible\"\u003ehttps://www.\u003c/span\u003e\u003cspan class=\"ellipsis\"\u003efortiguard.com/psirt/FG-IR-23-\u003c/span\u003e\u003cspan class=\"invisible\"\u003e144\u003c/span\u003e\u003c/a\u003e (error loading)\u003c/li\u003e\u003cli\u003e\u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2023-34990\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" translate=\"no\"\u003e\u003cspan class=\"invisible\"\u003ehttps://\u003c/span\u003e\u003cspan class=\"ellipsis\"\u003envd.nist.gov/vuln/detail/CVE-2\u003c/span\u003e\u003cspan class=\"invisible\"\u003e023-34990\u003c/span\u003e\u003c/a\u003e\u003c/li\u003e\n\n\u003e A relative path traversal in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute unauthorized code or commands via specially crafted web requests.\n\nNote: FortiGuard PSIRT has a tendency to only list the temporal CVSS score 9.6 (lower score) to downplay the severity of its original base score.",
"sig": "29f5d38db8a2fd7f6561f9bc93897a2513c6256908494e45087f0c884d7fd2dc53aa667487f802e20dce0b584003be67bbd4e6379ecf5bce399dd0b3ac5400b9"
}