{"vulnerability": "CVE-2023-34990", "sightings": [{"uuid": "9763939b-bd71-4fc2-9d91-7a20e900f619", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34990", "type": "seen", "source": "https://infosec.exchange/users/mttaggart/statuses/113676180752563416", "content": "", "creation_timestamp": "2024-12-18T22:27:44.652698Z"}, {"uuid": "18b9f561-7de5-4f9b-9252-ba967dbc5a77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34990", "type": "seen", "source": "https://bsky.app/profile/nimblenerd.social/post/3ldnubko4bc2n", "content": "", "creation_timestamp": "2024-12-19T12:20:42.335434Z"}, {"uuid": "d1f2b166-efb7-4cae-9e24-652b079c4156", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34990", "type": "seen", "source": "https://thehackernews.com/2024/12/fortinet-warns-of-critical-fortiwlm.html", "content": "", "creation_timestamp": "2024-12-19T09:31:00.000000Z"}, {"uuid": "ebb7eb0e-29fe-40a9-98c5-40bf4a77a2de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34990", "type": "seen", "source": "https://bsky.app/profile/nimblenerd.social/post/3ldnuagu2lw2e", "content": "", "creation_timestamp": "2024-12-19T12:20:05.721310Z"}, {"uuid": "36f31aba-e901-4ff6-9fad-6b80c01cfee1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34990", "type": "seen", "source": "https://bsky.app/profile/nimblenerd.social/post/3ldnuh5j6z72k", "content": "", "creation_timestamp": "2024-12-19T12:23:50.611535Z"}, {"uuid": "d085a2aa-e605-4b9a-b61e-190b6c891033", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34990", "type": "seen", "source": "https://bsky.app/profile/potato.software/post/3ldnuipavmq2c", "content": "", "creation_timestamp": "2024-12-19T12:24:42.205247Z"}, {"uuid": "46f72507-a714-43ff-877c-7cccf355ae03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34990", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113673904010874634", "content": "", "creation_timestamp": "2024-12-18T12:48:43.702848Z"}, {"uuid": "03cea251-0fb5-42ed-bc8b-0b301a20965b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34990", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113674791142313324", "content": "", "creation_timestamp": "2024-12-18T16:34:20.513483Z"}, {"uuid": "f577d17b-f2a3-4dad-b734-ca9fb01942d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34990", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113674904259060282", "content": "", "creation_timestamp": "2024-12-18T17:03:08.688073Z"}, {"uuid": "9d7167d2-7559-49b9-b3f5-f36736daa3d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34990", "type": "seen", "source": "https://infosec.exchange/users/adulau/statuses/113674914309627637", "content": "", "creation_timestamp": "2024-12-18T17:05:39.992483Z"}, {"uuid": "77734bcc-cf89-4753-860b-30cb75204ad2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34990", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113674927052267535", "content": "", "creation_timestamp": "2024-12-18T17:08:54.585479Z"}, {"uuid": "d47e9f6a-d1e0-411a-9665-9202daad63e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34990", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3ldnwrxvui22v", "content": "", "creation_timestamp": "2024-12-19T13:05:40.725171Z"}, {"uuid": "000df4eb-7979-4bee-b5db-9ebce7a630d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34990", "type": "seen", "source": "https://bsky.app/profile/nimblenerd.social/post/3ldogmyckhc2e", "content": "", "creation_timestamp": "2024-12-19T17:49:13.902370Z"}, {"uuid": "752cca44-6d5a-4ae3-be47-8790934c49a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34990", "type": "seen", "source": "https://cyberplace.social/users/GossiTheDog/statuses/113674232166302816", "content": "", "creation_timestamp": "2024-12-18T14:12:26.276702Z"}, {"uuid": "a0f2aa5f-0119-4aed-baf7-ec3019764994", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34990", "type": "seen", "source": "https://social.circl.lu/users/circl/statuses/113674370374104492", "content": "", "creation_timestamp": "2024-12-18T14:47:20.109374Z"}, {"uuid": "4c8f7575-8b27-4963-a180-988d919768a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34990", "type": "seen", "source": "https://infosec.exchange/users/edwardk/statuses/113679655471686245", "content": "", "creation_timestamp": "2024-12-19T13:11:23.948572Z"}, {"uuid": "2e662c29-2d22-4957-8980-f2effdce6a8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34990", "type": "seen", "source": "https://bsky.app/profile/bolhasec.com/post/3ldnrh54g5i2b", "content": "", "creation_timestamp": "2024-12-19T11:30:09.107270Z"}, {"uuid": "de880702-0dc3-4365-a0ad-1e163d5419a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34990", "type": "seen", "source": "https://bsky.app/profile/nihonmatsu.bsky.social/post/3ldnrwzdzps2b", "content": "", "creation_timestamp": "2024-12-19T11:39:04.226575Z"}, {"uuid": "941de731-674d-4134-9032-5d621a77af35", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34990", "type": "seen", "source": "https://bsky.app/profile/nidouille.bsky.social/post/3ldnywp2izk2f", "content": "", "creation_timestamp": "2024-12-19T13:44:08.124443Z"}, {"uuid": "976ee34a-081b-4f2e-8d8e-a20505e8661d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34990", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113675208676939403", "content": "", "creation_timestamp": "2024-12-18T18:20:38.125217Z"}, {"uuid": "38e5f017-7539-4356-b1d1-7ccfac09428e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34990", "type": "seen", "source": "https://infosec.exchange/users/jbhall56/statuses/113679787983720927", "content": "", "creation_timestamp": "2024-12-19T13:45:05.873101Z"}, {"uuid": "53291434-7b88-47b7-b20b-5f8c5d85f237", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34990", "type": "seen", "source": "https://bsky.app/profile/jbhall56.bsky.social/post/3ldnyyoiymc2g", "content": "", "creation_timestamp": "2024-12-19T13:45:15.327410Z"}, {"uuid": "c80ef552-7897-4323-9f3f-84e27fdd5e7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34990", "type": "seen", "source": "https://www.darkreading.com/vulnerabilities-threats/fortinet-addresses-unpatched-critical-rce-vector", "content": "", "creation_timestamp": "2024-12-19T21:29:13.000000Z"}, {"uuid": "7db25c1e-75a6-4ad3-a198-87ce82cfe07e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34990", "type": "seen", "source": "https://mstdn.ca/users/rfwaveio/statuses/113708098281570069", "content": "", "creation_timestamp": "2024-12-24T13:44:50.127658Z"}, {"uuid": "195f7d0d-7150-4a86-ab1a-1f3f3e2e83ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34990", "type": "seen", "source": "https://bsky.app/profile/tmjintel.bsky.social/post/3le7h3e7z5f2n", "content": "", "creation_timestamp": "2024-12-26T12:12:31.971381Z"}, {"uuid": "40e36ffd-866e-4f22-9f1f-dd856551cdaa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34990", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lrbs3rbwqh2v", "content": "", "creation_timestamp": "2025-06-10T21:02:31.175032Z"}, {"uuid": "acba79a9-b1c2-48a3-bc51-44c1f30aa6d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34990", "type": "seen", "source": "https://bsky.app/profile/rhisac.org/post/3lhj4u7j2es2z", "content": "", "creation_timestamp": "2025-02-06T12:51:48.412043Z"}, {"uuid": "9920f745-b7e2-40da-b23a-006b7834d812", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34990", "type": "seen", "source": "Telegram/3nRemkJ7QQLpTAEdyBI9icPywtOe1mTOj38FO5mJXj0LGQ", "content": "", "creation_timestamp": "2024-12-19T20:28:30.000000Z"}, {"uuid": "059cf3b3-b886-47ad-9ec6-5cc72c7e11b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34990", "type": "seen", "source": "https://t.me/cvedetector/13203", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-34990 - Fortinet FortiWLM Path Traversal Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2023-34990 \nPublished : Dec. 18, 2024, 1:15 p.m. | 46\u00a0minutes ago \nDescription : A relative path traversal in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute unauthorized code or commands via specially crafted web requests. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-18T15:22:12.000000Z"}, {"uuid": "3f539d52-bb4d-4157-83ad-749164342232", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34990", "type": "seen", "source": "https://t.me/CyberSecurityIL/63765", "content": "\u05db\u05de\u05d4 \u05d7\u05d5\u05dc\u05e9\u05d5\u05ea \u05e9\u05db\u05d3\u05d0\u05d9 \u05dc\u05e9\u05d9\u05dd \u05d0\u05dc\u05d9\u05d4\u05df \u05dc\u05d1:\n\n- \u05d7\u05d1\u05e8\u05ea Fortinet \u05de\u05d3\u05d5\u05d5\u05d7\u05ea \u05e2\u05dc \u05d7\u05d5\u05dc\u05e9\u05d4 \u05e7\u05e8\u05d9\u05d8\u05d9\u05ea \u05d1\u05de\u05d5\u05e6\u05e8 FortiWLM. \u05d4\u05d7\u05d5\u05dc\u05e9\u05d4 - CVE-2023-34990 \u05de\u05e9\u05e4\u05d9\u05e2\u05d4 \u05e2\u05dc \u05d2\u05e8\u05e1\u05d0\u05d5\u05ea 8.6.0-8.6.5, 8.5.0-8.5.4.\n\n\u05d4\u05d7\u05dc\u05e7 \u05d4\u05de\u05e2\u05e0\u05d9\u05d9\u05df \u05d1\u05e1\u05d9\u05e4\u05d5\u05e8 \u05d4\u05d5\u05d0 \u05e9\u05d4\u05d7\u05d5\u05dc\u05e9\u05d4 \u05d3\u05d5\u05d5\u05d7\u05d4 \u05dc\u05e4\u05d5\u05e8\u05d8\u05d9 \u05db\u05d1\u05e8 \u05d1\u05de\u05e8\u05e5 23 \u05e2\u05dc \u05d9\u05d3\u05d9 \u05d7\u05d5\u05e7\u05e8 \u05d0\u05d1\u05d8\"\u05de \u05d0\u05da \u05dc\u05d0 \u05d8\u05d5\u05e4\u05dc\u05d4.\n\u05dc\u05e4\u05e0\u05d9 \u05d9\u05d5\u05de\u05d9\u05d9\u05dd \u05e4\u05e8\u05e1\u05de\u05d4 \u05d4\u05d7\u05d1\u05e8\u05d4 \u05d4\u05ea\u05d9\u05d9\u05d7\u05e1\u05d5\u05ea \u05dc\u05e0\u05d5\u05e9\u05d0 \u05e2\u05dd \u05d2\u05e8\u05e1\u05d0\u05d5\u05ea \u05de\u05ea\u05d5\u05e7\u05e0\u05d5\u05ea.\n\n\u05d1\u05e7\u05d9\u05e6\u05d5\u05e8, \u05d3\u05d9\u05d5\u05d5\u05d7 \u05e2\u05dc \u05d7\u05d5\u05dc\u05e9\u05d4 \u05e7\u05e8\u05d9\u05d8\u05d9\u05ea \u05e0\u05e9\u05dc\u05d7 \u05d1\u05de\u05e8\u05e5 2023 \u05d0\u05da \u05d4\u05d7\u05d5\u05dc\u05e9\u05d4 \u05e0\u05e1\u05d2\u05e8\u05d4 \u05e8\u05e7 \u05d0\u05d7\u05e8\u05d9 \u05d9\u05d5\u05ea\u05e8 \u05de\u05e9\u05e0\u05d4 \u05d5\u05d7\u05e6\u05d9...\n\u05d4\u05e8\u05d7\u05d1\u05d4 \u05d1\u05e0\u05d5\u05e9\u05d0 \u05db\u05d0\u05df \u05d5\u05db\u05d0\u05df\n\n- \u05d7\u05d1\u05e8\u05ea BeyondTrust \u05de\u05d3\u05d5\u05d5\u05d7\u05ea \u05e2\u05dc \u05e1\u05d2\u05d9\u05e8\u05d4 \u05e9\u05dc \u05d7\u05d5\u05dc\u05e9\u05d4 \u05e7\u05e8\u05d9\u05d8\u05d9\u05ea CVE-2024-12356 \u05e9\u05e0\u05d5\u05e6\u05dc\u05d4 \u05d1\u05e4\u05d5\u05e2\u05dc \u05e2\u05dc \u05d9\u05d3\u05d9 \u05ea\u05d5\u05e7\u05e4\u05d9\u05dd \u05de\u05e1\u05d1\u05d9\u05d1 \u05dc\u05e2\u05d5\u05dc\u05dd. (CISA \u05d4\u05d5\u05e1\u05d9\u05e4\u05d5 \u05d0\u05ea \u05d4\u05d7\u05d5\u05dc\u05e9\u05d4 \u05dc\u05de\u05d0\u05d2\u05e8 \u05d4\u05d7\u05d5\u05dc\u05e9\u05d5\u05ea \u05d4\u05de\u05e0\u05d5\u05e6\u05dc\u05d5\u05ea \u05d1\u05e4\u05d5\u05e2\u05dc \u05d1\u05e9\u05e0\u05ea 2024).\n\n- \u05d7\u05d1\u05e8\u05ea Sophos \u05de\u05d3\u05d5\u05d5\u05d7\u05ea \u05e2\u05dc 3 \u05d7\u05d5\u05dc\u05e9\u05d5\u05ea \u05e7\u05e8\u05d9\u05d8\u05d9\u05d5\u05ea \u05d1\u05de\u05d5\u05e6\u05e8\u05d9 \u05d4-FW \u05e9\u05dc \u05d4\u05d7\u05d1\u05e8\u05d4 (2 \u05e7\u05e8\u05d9\u05d8\u05d9\u05d5\u05ea \u05d5\u05d0\u05d7\u05ea \u05d2\u05d1\u05d5\u05d4\u05d4).\n\u05d0\u05dd \u05de\u05d5\u05d2\u05d3\u05e8 \u05d0\u05e6\u05dc\u05db\u05dd \u05dc\u05d1\u05e6\u05e2 \u05e2\u05d3\u05db\u05d5\u05e0\u05d9\u05dd \u05d1\u05d0\u05d5\u05e4\u05df \u05d0\u05d5\u05d8\u05d5\u05de\u05d8\u05d9 \u05d0\u05d6 \u05d0\u05ea\u05dd \u05de\u05db\u05d5\u05e1\u05d9\u05dd.\n\nhttps://t.me/CyberSecurityIL/6274\n\n#\u05d7\u05d5\u05dc\u05e9\u05d5\u05ea", "creation_timestamp": "2024-12-20T11:32:34.000000Z"}, {"uuid": "96d51ff5-ebb9-4561-bb4f-48f92cfef2f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34990", "type": "seen", "source": "https://t.me/true_secator/6558", "content": "Fortinet \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438\u00a0\u0432 Wireless LAN Manager (FortiWLM), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044e \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438.\n\nCVE-2023-34990 \u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS 9,6 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u0440\u043e\u0447\u0438\u0442\u0430\u0442\u044c \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u044e\u00a0\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438\u00a0\u0432 NIST (NVD), \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0445\u043e\u0434\u0430 \u043f\u0443\u0442\u0438 \u0442\u0430\u043a\u0436\u0435 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0438\u043b\u0438 \u043a\u043e\u043c\u0430\u043d\u0434 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0445 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u043a \u043a\u043e\u043d\u0435\u0447\u043d\u043e\u0439 \u0442\u043e\u0447\u043a\u0435 /ems/cgi-bin/ezrf_lighttpd.cgi.\n\n\u041e\u043d\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 FortiWLM \u0432\u0435\u0440\u0441\u0438\u0439 8.6.0\u20138.6.5 (\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 8.6.6 \u0438 \u0432\u044b\u0448\u0435) \u0438 8.5.0\u20138.5.4 (\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 8.5.5 \u0438 \u0432\u044b\u0448\u0435).\n\n\u0420\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435 \u043f\u0440\u0438\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442\u0441\u044f  \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Horizon3.ai \u0417\u0430\u043a\u0443 \u0425\u044d\u043d\u043b\u0438.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c, CVE-2023-34990 \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0441\u044f \u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u043e\u0433\u043e \u0447\u0442\u0435\u043d\u0438\u044f \u0444\u0430\u0439\u043b\u043e\u0432 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u043a\u043e\u0442\u043e\u0440\u0443\u044e Horizon3.ai \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0430\u00a0\u0435\u0449\u0435 \u0432 \u043c\u0430\u0440\u0442\u0435 \u0432 \u0441\u043e\u0441\u0442\u0430\u0432\u0435 \u0448\u0438\u0440\u043e\u043a\u043e\u0433\u043e \u043d\u0430\u0431\u043e\u0440\u0430 \u0438\u0437 \u0448\u0435\u0441\u0442\u0438 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432 \u0432 FortiWLM.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0432\u043e\u0437\u043d\u0438\u043a\u0430\u0435\u0442 \u0438\u0437-\u0437\u0430 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0432 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u0430\u0445 \u0437\u0430\u043f\u0440\u043e\u0441\u0430, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u0440\u043e\u0441\u043c\u0430\u0442\u0440\u0438\u0432\u0430\u0442\u044c \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0438 \u0438 \u0447\u0438\u0442\u0430\u0442\u044c \u043b\u044e\u0431\u044b\u0435 \u0444\u0430\u0439\u043b\u044b \u0436\u0443\u0440\u043d\u0430\u043b\u043e\u0432 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435.\n\n\u0423\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f CVE-2023-34990 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u0440\u043e\u0447\u0438\u0442\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b \u0436\u0443\u0440\u043d\u0430\u043b\u0430 FortiWLM \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 \u0441\u0435\u0430\u043d\u0441\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0438 \u043b\u043e\u0433\u0438\u043d, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442 \u0435\u043c\u0443 \u0442\u0430\u043a\u0436\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u0435 \u0442\u043e\u0447\u043a\u0438.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0442\u0435\u043c, \u0447\u0442\u043e \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0432\u0435\u0431-\u0441\u0435\u0430\u043d\u0441\u043e\u0432 \u043d\u0435 \u043c\u0435\u043d\u044f\u044e\u0442\u0441\u044f \u043c\u0435\u0436\u0434\u0443 \u0441\u0435\u0430\u043d\u0441\u0430\u043c\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u0447\u0442\u043e\u0431\u044b \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u0438\u0442\u044c \u0438\u0445 \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0435 \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u0438\u044f \u043d\u0430 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0443.\n\n\u0418 \u044d\u0442\u043e \u0435\u0449\u0435 \u043d\u0435 \u0432\u0441\u0435.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0442\u0430\u043a\u0436\u0435 \u043c\u043e\u0436\u0435\u0442 \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u0438\u0442\u044c CVE-2023-34990 \u0441\u00a0CVE-2023-48782 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 8,8), \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0442\u0430\u043a\u0436\u0435 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 FortiWLM 8.6.6 \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f RCE \u0432 \u043a\u043e\u043d\u0442\u0435\u043a\u0441\u0442\u0435 root.\n\n\u041f\u043e\u043c\u0438\u043c\u043e \u043d\u0435\u0435 Fortinet \u0442\u0430\u043a\u0436\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 CVE-2024-48889 (CVSS: 7.2) \u0432 FortiManager, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u043a\u043e\u0434 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432, \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0445 FGFM.\n\n\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f, \u0447\u0442\u043e \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 Fortinet \u0441\u0442\u0430\u043d\u043e\u0432\u044f\u0442\u0441\u044f\u00a0\u043e\u0431\u044a\u0435\u043a\u0442\u043e\u043c \u043f\u0435\u0440\u0432\u043e\u043e\u0447\u0435\u0440\u0435\u0434\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u0435\u043c\u043b\u0435\u043d\u0438\u0439 \u043a\u0438\u0431\u0435\u0440\u043f\u043e\u0434\u043f\u043e\u043b\u044c\u044f, \u043a\u0440\u0430\u0439\u043d\u0435 \u0432\u0430\u0436\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u044b \u0434\u043b\u044f \u0437\u0430\u0449\u0438\u0442\u044b \u043e\u0442 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0433\u0440\u043e\u0437.", "creation_timestamp": "2024-12-19T14:06:21.000000Z"}, {"uuid": "89d363cf-b02e-4540-88c1-e7ce7c253913", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34990", "type": "seen", "source": "https://t.me/thehackernews/6071", "content": "\ud83d\uded1 Fortinet's Wireless LAN Manager (FortiWLM) is vulnerable to a path traversal flaw (CVE-2023-34990) with a 9.6/10 CVSS score. \n \nWhy it\u2019s urgent: It allows attackers to... \n1\ufe0f\u20e3 Access admin accounts using static session IDs. \n2\ufe0f\u20e3 Execute unauthorized commands by chaining vulnerabilities. \n3\ufe0f\u20e3 Gain root access to your network in minutes. \n \n\ud83d\udee0\ufe0f Patch now: \nAffected versions: 8.5.0 to 8.6.5. \nFixed in 8.6.6\u2014update immediately. \n \nRead: https://thehackernews.com/2024/12/fortinet-warns-of-critical-fortiwlm.html", "creation_timestamp": "2024-12-19T11:37:37.000000Z"}]}